org.springframework.http.ResponseCookie.from()

@Override
public DefaultClientResponseBuilder cookie(String name, String... values) {
    for (String value : values) {
        this.cookies.add(name, ResponseCookie.from(name, value).build());
    }
    return this;
}

@Override
public MultiValueMap<String, ResponseCookie> getCookies() {
    MultiValueMap<String, ResponseCookie> result = new LinkedMultiValueMap<>();
    this.response.cookies().values().stream().flatMap(Collection::stream).forEach(cookie -> result.add(cookie.name(), ResponseCookie.from(cookie.name(), cookie.value()).domain(cookie.domain()).path(cookie.path()).maxAge(cookie.maxAge()).secure(cookie.isSecure()).httpOnly(cookie.isHttpOnly()).build()));
    return CollectionUtils.unmodifiableMultiValueMap(result);
}

@Test
public void cookieHeaderSet() throws Exception {
    ResponseCookie foo11 = ResponseCookie.from("foo1", "bar1").build();
    ResponseCookie foo12 = ResponseCookie.from("foo1", "bar2").build();
    ResponseCookie foo21 = ResponseCookie.from("foo2", "baz1").build();
    ResponseCookie foo22 = ResponseCookie.from("foo2", "baz2").build();
    MockServerHttpResponse response = new MockServerHttpResponse();
    response.addCookie(foo11);
    response.addCookie(foo12);
    response.addCookie(foo21);
    response.addCookie(foo22);
    response.applyCookies();
    replacedertEquals(Arrays.asList("foo1=bar1", "foo1=bar2", "foo2=baz1", "foo2=baz2"), response.getHeaders().get(HttpHeaders.SET_COOKIE));
}

private static ResponseCookie toResponseCookie(java.net.HttpCookie cookie) {
    return ResponseCookie.from(cookie.getName(), cookie.getValue()).domain(cookie.getDomain()).httpOnly(cookie.isHttpOnly()).maxAge(cookie.getMaxAge()).path(cookie.getPath()).secure(cookie.getSecure()).build();
}

public ResponseCookie convertLoginCookie(LoginCookie loginCookie, int sessionDurationSeconds) {
    var value = encryptor.encryptObject(loginCookie);
    var sameSiteValue = config.isHttpsHost() ? "None" : null;
    return ResponseCookie.from(LoginCookie.NAME, value).httpOnly(true).secure(config.isHttpsHost()).maxAge(sessionDurationSeconds).sameSite(sameSiteValue).path("/").build();
}

public ResponseCookie convertStateCookie(LoginStateCookie stateCookie) {
    var value = encryptor.encryptObject(stateCookie);
    return ResponseCookie.from(LoginStateCookie.NAME, value).httpOnly(true).secure(config.isHttpsHost()).maxAge(Duration.ofMinutes(1)).path("/auth").build();
}

public ResponseCookie convertCsrfCookie(CsrfCookie csrfCookie, int sessionDurationSeconds) {
    return ResponseCookie.from(CsrfCookie.NAME, csrfCookie.getCsrfToken()).httpOnly(false).secure(config.isHttpsHost()).maxAge(Duration.ofSeconds(sessionDurationSeconds)).sameSite("Strict").path("/").build();
}

private ResponseCookie.ResponseCookieBuilder initBuilder(String token) {
    return ResponseCookie.from(AUTHORIZATION_SESSION_KEY, token).httpOnly(cookieProperties.isHttpOnly()).sameSite(cookieProperties.getSameSite()).secure(cookieProperties.isSecure());
}

public String buildCookie(String cookieName, String cookieValue) {
    return ResponseCookie.from(cookieName, cookieValue).httpOnly(isHttpOnly()).sameSite(getSameSite()).secure(isSecure()).path(getPath()).maxAge(getMaxAge()).build().toString();
}

@Test
public void from() {
    MockServerHttpRequest request = MockServerHttpRequest.post("https://example.com").header("foo", "bar").build();
    MockServerWebExchange exchange = MockServerWebExchange.from(request);
    ServerRequest other = ServerRequest.create(exchange, HandlerStrategies.withDefaults().messageReaders());
    Flux<DataBuffer> body = Flux.just("baz").map(s -> s.getBytes(StandardCharsets.UTF_8)).map(dataBufferFactory::wrap);
    ServerRequest result = ServerRequest.from(other).method(HttpMethod.HEAD).headers(httpHeaders -> httpHeaders.set("foo", "baar")).cookies(cookies -> cookies.set("baz", ResponseCookie.from("baz", "quux").build())).body(body).build();
    replacedertEquals(HttpMethod.HEAD, result.method());
    replacedertEquals(1, result.headers().asHttpHeaders().size());
    replacedertEquals("baar", result.headers().asHttpHeaders().getFirst("foo"));
    replacedertEquals(1, result.cookies().size());
    replacedertEquals("quux", result.cookies().getFirst("baz").getValue());
    StepVerifier.create(result.bodyToFlux(String.clreplaced)).expectNext("baz").verifyComplete();
}

@Test
public void from() {
    Flux<DataBuffer> otherBody = Flux.just("foo", "bar").map(s -> s.getBytes(StandardCharsets.UTF_8)).map(dataBufferFactory::wrap);
    ClientResponse other = ClientResponse.create(HttpStatus.BAD_REQUEST, ExchangeStrategies.withDefaults()).header("foo", "bar").cookie("baz", "qux").body(otherBody).build();
    Flux<DataBuffer> body = Flux.just("baz").map(s -> s.getBytes(StandardCharsets.UTF_8)).map(dataBufferFactory::wrap);
    ClientResponse result = ClientResponse.from(other).headers(httpHeaders -> httpHeaders.set("foo", "baar")).cookies(cookies -> cookies.set("baz", ResponseCookie.from("baz", "quux").build())).body(body).build();
    replacedertEquals(HttpStatus.BAD_REQUEST, result.statusCode());
    replacedertEquals(1, result.headers().asHttpHeaders().size());
    replacedertEquals("baar", result.headers().asHttpHeaders().getFirst("foo"));
    replacedertEquals(1, result.cookies().size());
    replacedertEquals("quux", result.cookies().getFirst("baz").getValue());
    StepVerifier.create(result.bodyToFlux(String.clreplaced)).expectNext("baz").verifyComplete();
}

private ResponseCookie initSessionCookie(ServerWebExchange exchange, String id, Duration maxAge) {
    ResponseCookie.ResponseCookieBuilder cookieBuilder = ResponseCookie.from(this.cookieName, id).path(exchange.getRequest().getPath().contextPath().value() + "/").maxAge(maxAge).httpOnly(true).secure("https".equalsIgnoreCase(exchange.getRequest().getURI().getScheme())).sameSite("Lax");
    if (this.cookieInitializer != null) {
        this.cookieInitializer.accept(cookieBuilder);
    }
    return cookieBuilder.build();
}

@Test
void cookieHeaderSet() throws Exception {
    ResponseCookie foo11 = ResponseCookie.from("foo1", "bar1").build();
    ResponseCookie foo12 = ResponseCookie.from("foo1", "bar2").build();
    ResponseCookie foo21 = ResponseCookie.from("foo2", "baz1").build();
    ResponseCookie foo22 = ResponseCookie.from("foo2", "baz2").build();
    MockServerHttpResponse response = new MockServerHttpResponse();
    response.addCookie(foo11);
    response.addCookie(foo12);
    response.addCookie(foo21);
    response.addCookie(foo22);
    response.applyCookies();
    replacedertThat(response.getHeaders().get(HttpHeaders.SET_COOKIE)).isEqualTo(Arrays.asList("foo1=bar1", "foo1=bar2", "foo2=baz1", "foo2=baz2"));
}

@Test
public void from() {
    MockServerHttpRequest request = MockServerHttpRequest.post("http://example.com").header("foo", "bar").build();
    MockServerWebExchange exchange = MockServerWebExchange.from(request);
    ServerRequest other = ServerRequest.create(exchange, HandlerStrategies.withDefaults().messageReaders());
    Flux<DataBuffer> body = Flux.just("baz").map(s -> s.getBytes(StandardCharsets.UTF_8)).map(dataBufferFactory::wrap);
    ServerRequest result = ServerRequest.from(other).method(HttpMethod.HEAD).headers(httpHeaders -> httpHeaders.set("foo", "baar")).cookies(cookies -> cookies.set("baz", ResponseCookie.from("baz", "quux").build())).body(body).build();
    replacedertEquals(HttpMethod.HEAD, result.method());
    replacedertEquals(1, result.headers().asHttpHeaders().size());
    replacedertEquals("baar", result.headers().asHttpHeaders().getFirst("foo"));
    replacedertEquals(1, result.cookies().size());
    replacedertEquals("quux", result.cookies().getFirst("baz").getValue());
    StepVerifier.create(result.bodyToFlux(String.clreplaced)).expectNext("baz").verifyComplete();
}

private String getSessionCookiereplacedtringForHeader(String sessionCookieValue) {
    String cookiereplacedtring = ResponseCookie.from(Consts.COOKIE_SESSION_COOKIE_NAME, sessionCookieValue).httpOnly(cookieConfigProperties.getSessioncookie().isHttpOnly()).sameSite(cookieConfigProperties.getSessioncookie().getSameSite()).secure(cookieConfigProperties.getSessioncookie().isSecure()).path(cookieConfigProperties.getSessioncookie().getPath()).maxAge(cookieConfigProperties.getSessioncookie().getMaxAge()).build().toString();
    return cookiereplacedtring;
}

@Test
public void from() {
    Flux<DataBuffer> otherBody = Flux.just("foo", "bar").map(s -> s.getBytes(StandardCharsets.UTF_8)).map(dataBufferFactory::wrap);
    ClientResponse other = ClientResponse.create(HttpStatus.BAD_REQUEST, ExchangeStrategies.withDefaults()).header("foo", "bar").cookie("baz", "qux").body(otherBody).build();
    Flux<DataBuffer> body = Flux.just("baz").map(s -> s.getBytes(StandardCharsets.UTF_8)).map(dataBufferFactory::wrap);
    ClientResponse result = ClientResponse.from(other).headers(httpHeaders -> httpHeaders.set("foo", "baar")).cookies(cookies -> cookies.set("baz", ResponseCookie.from("baz", "quux").build())).body(body).build();
    replacedertThat(result.statusCode()).isEqualTo(HttpStatus.BAD_REQUEST);
    replacedertThat(result.headers().asHttpHeaders().size()).isEqualTo(1);
    replacedertThat(result.headers().asHttpHeaders().getFirst("foo")).isEqualTo("baar");
    replacedertThat(result.cookies().size()).isEqualTo(1);
    replacedertThat(result.cookies().getFirst("baz").getValue()).isEqualTo("quux");
    StepVerifier.create(result.bodyToFlux(String.clreplaced)).expectNext("baz").verifyComplete();
}

@Test
public void shouldGrafreplacedogin() {
    final var grafanaUrl = "url";
    given(grafanaProperties.getPublishedUrl()).willReturn(grafanaUrl);
    given(replacedysisService.grafreplacedogin(userOwner())).willReturn(Mono.just(ResponseCookie.from("grafana_session", "sessionId").build()));
    webTestClient.get().uri(uriBuilder -> uriBuilder.path("/result/grafana/login").queryParam("resultId", "test").build()).header("Authorization", "Bearer user-token").exchange().expectStatus().is2xxSuccessful().expectBody(Grafreplacedogin.clreplaced).isEqualTo(Grafreplacedogin.builder().session("sessionId").url("url/d/test").build());
}

/**
 * This function removes the ATOKEN cookie from the browser
 * @return Mono<ResponseEnreplacedy>
 */
@RequestMapping(value = LOGOUT_ENDPOINT, method = RequestMethod.POST)
public Mono<ResponseEnreplacedy> logout() {
    return Mono.fromSupplier(() -> {
        String cookieString = ResponseCookie.from(TOKEN_COOKIE_NAME, null).httpOnly(true).build().toString();
        HttpHeaders responseHeaders = new HttpHeaders();
        responseHeaders.set(HttpHeaders.SET_COOKIE, cookieString + "; Max-Age=" + 0);
        return ResponseEnreplacedy.ok().headers(responseHeaders).body(null);
    });
}

@RequestMapping(value = AUTH_ENDPOINT, method = RequestMethod.POST)
public Mono<ResponseEnreplacedy> login(@RequestBody LoginControllerRequest request) {
    return userService.login(request.getEmail(), request.getPreplacedword()).map(loginResponse -> {
        String cookieString = ResponseCookie.from(TOKEN_COOKIE_NAME, loginResponse.getToken()).httpOnly(true).build().toString();
        cookieString = cookieString + "; Max-Age=" + loginResponse.getExpiresIn();
        HttpHeaders responseHeaders = new HttpHeaders();
        responseHeaders.set(HttpHeaders.SET_COOKIE, cookieString);
        // Remove the token from the response
        loginResponse.setToken(null);
        return ResponseEnreplacedy.ok().headers(responseHeaders).body(loginResponse);
    });
}

@Test
public void copyCookies() {
    Mono<ServerResponse> serverResponse = ServerResponse.ok().cookie(ResponseCookie.from("foo", "bar").build()).syncBody("body");
    replacedertFalse(serverResponse.block().cookies().isEmpty());
    serverResponse = ServerResponse.ok().cookie(ResponseCookie.from("foo", "bar").build()).body(BodyInserters.fromObject("body"));
    replacedertFalse(serverResponse.block().cookies().isEmpty());
}

@Test
public void copyCookies() {
    Mono<ServerResponse> serverResponse = ServerResponse.ok().cookie(ResponseCookie.from("foo", "bar").build()).bodyValue("body");
    replacedertThat(serverResponse.block().cookies().isEmpty()).isFalse();
    serverResponse = ServerResponse.ok().cookie(ResponseCookie.from("foo", "bar").build()).bodyValue("body");
    replacedertThat(serverResponse.block().cookies().isEmpty()).isFalse();
}

@Test
public void from() {
    MockServerHttpRequest request = MockServerHttpRequest.post("https://example.com").header("foo", "bar").build();
    MockServerWebExchange exchange = MockServerWebExchange.from(request);
    ServerRequest other = ServerRequest.create(exchange, HandlerStrategies.withDefaults().messageReaders());
    Flux<DataBuffer> body = Flux.just("baz").map(s -> s.getBytes(StandardCharsets.UTF_8)).map(dataBufferFactory::wrap);
    ServerRequest result = ServerRequest.from(other).method(HttpMethod.HEAD).headers(httpHeaders -> httpHeaders.set("foo", "baar")).cookies(cookies -> cookies.set("baz", ResponseCookie.from("baz", "quux").build())).body(body).build();
    replacedertThat(result.method()).isEqualTo(HttpMethod.HEAD);
    replacedertThat(result.headers().asHttpHeaders().size()).isEqualTo(1);
    replacedertThat(result.headers().asHttpHeaders().getFirst("foo")).isEqualTo("baar");
    replacedertThat(result.cookies().size()).isEqualTo(1);
    replacedertThat(result.cookies().getFirst("baz").getValue()).isEqualTo("quux");
    StepVerifier.create(result.bodyToFlux(String.clreplaced)).expectNext("baz").verifyComplete();
}

/**
 * Create a header containing a cookie holding a JWT token value, if given
 * @param tokenValueAndAge a pair of the JWT token value and age (in seconds)
 * @return a header containing the JWT cookie
 */
private HttpHeaders createCookieHeaderFromJwt(Optional<Pair<String, Long>> tokenValueAndAge) {
    String cookieValue = null;
    Long cookieAge = 0L;
    if (tokenValueAndAge.isPresent()) {
        Pair<String, Long> cookieValueAndAge = tokenValueAndAge.get();
        cookieValue = cookieValueAndAge.getFirst();
        cookieAge = cookieValueAndAge.getSecond();
    }
    HttpCookie cookie = ResponseCookie.from(TOKEN_COOKIE_NAME, cookieValue).maxAge(cookieAge).httpOnly(true).secure(tokenConfiguration.isUsingHttps()).sameSite("Strict").path("/").build();
    HttpHeaders responseHeaders = new HttpHeaders();
    responseHeaders.add(HttpHeaders.SET_COOKIE, cookie.toString());
    return responseHeaders;
}

private String getRedirectCookiereplacedtringForHeader(SessionEnreplacedy redirectSessionEnreplacedy, String authId) {
    String path = cookieConfigProperties.getRedirectcookie().getPath();
    if (!path.matches("(.*)" + AUTH_ID_VARIABLE + "(.*)")) {
        throw new RuntimeException("programming error. path " + path + " does not match with " + AUTH_ID_VARIABLE);
    }
    path = path.replaceAll(AUTH_ID_VARIABLE, authId);
    return ResponseCookie.from(Consts.COOKIE_REDIRECT_COOKIE_NAME, redirectSessionEnreplacedy.getSessionCookieValue()).httpOnly(cookieConfigProperties.getRedirectcookie().isHttpOnly()).sameSite(cookieConfigProperties.getRedirectcookie().getSameSite()).secure(cookieConfigProperties.getRedirectcookie().isSecure()).path(path).maxAge(cookieConfigProperties.getRedirectcookie().getMaxAge()).build().toString();
}

@Test
public void from() {
    ResponseCookie cookie = ResponseCookie.from("foo", "bar").build();
    ServerResponse other = ServerResponse.ok().header("foo", "bar").cookie(cookie).hint("foo", "bar").build().block();
    Mono<ServerResponse> result = ServerResponse.from(other).build();
    StepVerifier.create(result).expectNextMatches(response -> HttpStatus.OK.equals(response.statusCode()) && "bar".equals(response.headers().getFirst("foo")) && cookie.equals(response.cookies().getFirst("foo"))).expectComplete().verify();
}

@Test
public void beforeCommitWithComplete() throws Exception {
    ResponseCookie cookie = ResponseCookie.from("ID", "123").build();
    TestServerHttpResponse response = new TestServerHttpResponse();
    response.beforeCommit(() -> Mono.fromRunnable(() -> response.getCookies().add(cookie.getName(), cookie)));
    response.writeWith(Flux.just(wrap("a"), wrap("b"), wrap("c"))).block();
    replacedertTrue(response.statusCodeWritten);
    replacedertTrue(response.headersWritten);
    replacedertTrue(response.cookiesWritten);
    replacedertSame(cookie, response.getCookies().getFirst("ID"));
    replacedertEquals(3, response.body.size());
    replacedertEquals("a", new String(response.body.get(0).asByteBuffer().array(), StandardCharsets.UTF_8));
    replacedertEquals("b", new String(response.body.get(1).asByteBuffer().array(), StandardCharsets.UTF_8));
    replacedertEquals("c", new String(response.body.get(2).asByteBuffer().array(), StandardCharsets.UTF_8));
}

@Test
public void shouldGrafreplacedogin() {
    final var cookie = ResponseCookie.from("grafana_session", "sessionId").build();
    given(grafanaUserClientBuilder.getSessionCookie(any())).willReturn(Mono.just(cookie));
    final var response = service.grafreplacedogin(Owner.PUBLIC).block();
    replacedertThat(response).isEqualTo(cookie);
}

@Test
public void cookies() {
    ResponseCookie cookie = ResponseCookie.from("foo", "bar").build();
    MultiValueMap<String, ResponseCookie> cookies = new LinkedMultiValueMap<>();
    cookies.add("foo", cookie);
    given(mockResponse.getCookies()).willReturn(cookies);
    replacedertSame(cookies, defaultClientResponse.cookies());
}

@Test
public void beforeCommitActionWithSetComplete() throws Exception {
    ResponseCookie cookie = ResponseCookie.from("ID", "123").build();
    TestServerHttpResponse response = new TestServerHttpResponse();
    response.beforeCommit(() -> {
        response.getCookies().add(cookie.getName(), cookie);
        return Mono.empty();
    });
    response.setComplete().block();
    replacedertTrue(response.statusCodeWritten);
    replacedertTrue(response.headersWritten);
    replacedertTrue(response.cookiesWritten);
    replacedertTrue(response.body.isEmpty());
    replacedertSame(cookie, response.getCookies().getFirst("ID"));
}

@Test
public void cookies() {
    ResponseCookie cookie = ResponseCookie.from("foo", "bar").build();
    MultiValueMap<String, ResponseCookie> cookies = new LinkedMultiValueMap<>();
    cookies.add("foo", cookie);
    given(mockResponse.getCookies()).willReturn(cookies);
    replacedertThat(defaultClientResponse.cookies()).isSameAs(cookies);
}

@Test
public void shouldGetCookies() {
    ResponseCookie simpleCookie = ResponseCookie.from("key2", "value2").build();
    ResponseCookie complexCookie = ResponseCookie.from("key1", "value1").domain("domain").httpOnly(true).maxAge(1).path("path").secure(true).build();
    given(mockDelegate.cookies()).willReturn(Arrays.asList(simpleCookie.toString(), complexCookie.toString()));
    MultiValueMap<String, ResponseCookie> expectedCookies = new LinkedMultiValueMap<>();
    expectedCookies.add(simpleCookie.getName(), simpleCookie);
    expectedCookies.add(complexCookie.getName(), complexCookie);
    VertxClientHttpResponse response = new VertxClientHttpResponse(mockDelegate, Flux.empty());
    MultiValueMap<String, ResponseCookie> actualCookies = response.getCookies();
    replacedertThat(actualCookies).isEqualTo(expectedCookies);
}

@Test
public void cookies() {
    ResponseCookie cookie = ResponseCookie.from("foo", "bar").build();
    MultiValueMap<String, ResponseCookie> cookies = new LinkedMultiValueMap<>();
    cookies.add("foo", cookie);
    when(mockResponse.getCookies()).thenReturn(cookies);
    replacedertSame(cookies, defaultClientResponse.cookies());
}

@Test
public void cookies() {
    MultiValueMap<String, ResponseCookie> newCookies = new LinkedMultiValueMap<>();
    newCookies.add("name", ResponseCookie.from("name", "value").build());
    Mono<ServerResponse> result = ServerResponse.ok().cookies(cookies -> cookies.addAll(newCookies)).build();
    StepVerifier.create(result).expectNextMatches(response -> newCookies.equals(response.cookies())).expectComplete().verify();
}

@Test
public void cookies() {
    MultiValueMap<String, ResponseCookie> newCookies = new LinkedMultiValueMap<>();
    newCookies.add("name", ResponseCookie.from("name", "value").build());
    Mono<RenderingResponse> result = RenderingResponse.create("foo").cookies(cookies -> cookies.addAll(newCookies)).build();
    StepVerifier.create(result).expectNextMatches(response -> newCookies.equals(response.cookies())).expectComplete().verify();
}

@Test
public void cookies() {
    MultiValueMap<String, ResponseCookie> newCookies = new LinkedMultiValueMap<>();
    newCookies.add("name", ResponseCookie.from("name", "value").build());
    Mono<EnreplacedyResponse<String>> result = EnreplacedyResponse.fromObject("foo").cookies(cookies -> cookies.addAll(newCookies)).build();
    StepVerifier.create(result).expectNextMatches(response -> newCookies.equals(response.cookies())).expectComplete().verify();
}

@Override
public MultiValueMap<String, ResponseCookie> getCookies() {
    MultiValueMap<String, ResponseCookie> result = new LinkedMultiValueMap<>();
    List<String> cookieHeader = getHeaders().get(HttpHeaders.SET_COOKIE);
    if (cookieHeader != null) {
        cookieHeader.forEach(header -> HttpCookie.parse(header).forEach(cookie -> result.add(cookie.getName(), ResponseCookie.from(cookie.getName(), cookie.getValue()).domain(cookie.getDomain()).path(cookie.getPath()).maxAge(cookie.getMaxAge()).secure(cookie.getSecure()).httpOnly(cookie.isHttpOnly()).build())));
    }
    return CollectionUtils.unmodifiableMultiValueMap(result);
}

// SPR-16124
@Test
public void exchangeResultHasCookieHeaders() {
    ExchangeResult result = WebTestClient.bindToWebHandler(exchange -> {
        ServerHttpResponse response = exchange.getResponse();
        if (exchange.getRequest().getURI().getPath().equals("/cookie")) {
            response.addCookie(ResponseCookie.from("a", "alpha").path("/pathA").build());
            response.addCookie(ResponseCookie.from("b", "beta").path("/pathB").build());
        } else {
            response.setStatusCode(HttpStatus.NOT_FOUND);
        }
        return response.setComplete();
    }).build().get().uri("/cookie").cookie("a", "alpha").cookie("b", "beta").exchange().expectStatus().isOk().expectHeader().valueEquals(HttpHeaders.SET_COOKIE, "a=alpha; Path=/pathA", "b=beta; Path=/pathB").expectBody().isEmpty();
    replacedertThat(result.getRequestHeaders().get(HttpHeaders.COOKIE)).isEqualTo(Arrays.asList("a=alpha", "b=beta"));
}

@Test
public void shouldApplyCookies() {
    response.addCookie(ResponseCookie.from("cookie1", "value1").domain("domain1").path("path1").maxAge(1).httpOnly(true).secure(true).build());
    response.addCookie(ResponseCookie.from("cookie1", "value2").domain("domain1").path("path1").maxAge(1).httpOnly(true).secure(true).build());
    response.addCookie(ResponseCookie.from("cookie2", "value3").domain("domain2").path("path2").maxAge(2).httpOnly(false).secure(false).build());
    response.applyCookies();
    // Cookie implementation doesn't override equals, so need to work around to be able to replacedert values
    ArgumentCaptor<Cookie> cookieCaptor = ArgumentCaptor.forClreplaced(Cookie.clreplaced);
    verify(mockRoutingContext, times(3)).addCookie(cookieCaptor.capture());
    replacedertThat(cookieCaptor.getAllValues().get(0)).isEqualToComparingFieldByField(Cookie.cookie("cookie1", "value1").setDomain("domain1").setPath("path1").setMaxAge(1).setHttpOnly(true).setSecure(true));
    replacedertThat(cookieCaptor.getAllValues().get(1)).isEqualToComparingFieldByField(Cookie.cookie("cookie1", "value2").setDomain("domain1").setPath("path1").setMaxAge(1).setHttpOnly(true).setSecure(true));
    replacedertThat(cookieCaptor.getAllValues().get(2)).isEqualToComparingFieldByField(Cookie.cookie("cookie2", "value3").setDomain("domain2").setPath("path2").setMaxAge(2).setHttpOnly(false).setSecure(false));
}

public String createTokenForUser(UserTable userTable) {
    UserRefreshToken userRefreshToken = userRefreshTokenDAO.insert(new UserRefreshToken(userTable.getId(), UUID.randomUUID(), UUID.randomUUID()));
    response.addHeader(HttpHeaders.SET_COOKIE, ResponseCookie.from(SecurityConfig.AUTH_NAME_REFRESH_COOKIE, userRefreshToken.getToken().toString()).path("/").secure(hangarConfig.security.isSecure()).maxAge(hangarConfig.security.getRefreshTokenExpiry().toSeconds()).sameSite("Strict").build().toString());
    return _newToken(userTable, userRefreshToken);
}

@Override
public MultiValueMap<String, ResponseCookie> getCookies() {
    MultiValueMap<String, ResponseCookie> result = new LinkedMultiValueMap<>();
    List<String> cookieHeader = getHeaders().get(HttpHeaders.SET_COOKIE);
    if (cookieHeader != null) {
        cookieHeader.forEach(header -> {
            HttpCookie.parse(header).forEach(cookie -> result.add(cookie.getName(), ResponseCookie.from(cookie.getName(), cookie.getValue()).domain(cookie.getDomain()).path(cookie.getPath()).maxAge(cookie.getMaxAge()).secure(cookie.getSecure()).httpOnly(cookie.isHttpOnly()).build()));
        });
    }
    return CollectionUtils.unmodifiableMultiValueMap(result);
}

Mono<String> cookieCartId(ServerWebExchange exchange) {
    return Mono.fromCallable(() -> {
        final MultiValueMap<String, HttpCookie> cookies = exchange.getRequest().getCookies();
        final String cartId;
        if (cookies.containsKey(CART_ID_COOKIE_NAME)) {
            cartId = cookies.getFirst(CART_ID_COOKIE_NAME).getValue();
        } else {
            cartId = Cart.generateSessionId(this.idGenerator::generateId);
            final ResponseCookie cookie = ResponseCookie.from(CART_ID_COOKIE_NAME, cartId).maxAge(Duration.ofDays(3)).httpOnly(true).path("/").build();
            exchange.getResponse().addCookie(cookie);
        }
        return cartId;
    });
}

/**
 * {@inheritDoc}
 */
@Override
public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
    if (exchange.getRequest().getCookies().get(CSRF_COOKIE_NAME) != null) {
        return chain.filter(exchange);
    }
    return Mono.just(exchange).publishOn(Schedulers.boundedElastic()).flatMap(it -> it.getAttributeOrDefault(CsrfToken.clreplaced.getName(), Mono.<CsrfToken>empty())).doOnNext(token -> {
        ResponseCookie cookie = ResponseCookie.from(CSRF_COOKIE_NAME, token.getToken()).maxAge(-1).httpOnly(false).path(getRequestContext(exchange.getRequest())).secure(Optional.ofNullable(exchange.getRequest().getSslInfo()).isPresent()).build();
        exchange.getResponse().getCookies().add(CSRF_COOKIE_NAME, cookie);
    }).then(Mono.defer(() -> chain.filter(exchange)));
}

// SPR-16124
@Test
public void exchangeResultHasCookieHeaders() {
    ExchangeResult result = WebTestClient.bindToWebHandler(exchange -> {
        ServerHttpResponse response = exchange.getResponse();
        if (exchange.getRequest().getURI().getPath().equals("/cookie")) {
            response.addCookie(ResponseCookie.from("a", "alpha").path("/pathA").build());
            response.addCookie(ResponseCookie.from("b", "beta").path("/pathB").build());
        } else {
            response.setStatusCode(HttpStatus.NOT_FOUND);
        }
        return response.setComplete();
    }).build().get().uri("/cookie").cookie("a", "alpha").cookie("b", "beta").exchange().expectStatus().isOk().expectHeader().valueEquals(HttpHeaders.SET_COOKIE, "a=alpha; Path=/pathA", "b=beta; Path=/pathB").expectBody().isEmpty();
    replacedertEquals(Arrays.asList("a=alpha", "b=beta"), result.getRequestHeaders().get(HttpHeaders.COOKIE));
}

@Test
void beforeCommitActionWithSetComplete() {
    ResponseCookie cookie = ResponseCookie.from("ID", "123").build();
    TestServerHttpResponse response = new TestServerHttpResponse();
    response.beforeCommit(() -> {
        response.getCookies().add(cookie.getName(), cookie);
        return Mono.empty();
    });
    response.setComplete().block();
    replacedertThat(response.statusCodeWritten).isTrue();
    replacedertThat(response.headersWritten).isTrue();
    replacedertThat(response.cookiesWritten).isTrue();
    replacedertThat(response.body.isEmpty()).isTrue();
    replacedertThat(response.getCookies().getFirst("ID")).isSameAs(cookie);
}

@Test
void beforeCommitWithComplete() {
    ResponseCookie cookie = ResponseCookie.from("ID", "123").build();
    TestServerHttpResponse response = new TestServerHttpResponse();
    response.beforeCommit(() -> Mono.fromRunnable(() -> response.getCookies().add(cookie.getName(), cookie)));
    response.writeWith(Flux.just(wrap("a"), wrap("b"), wrap("c"))).block();
    replacedertThat(response.statusCodeWritten).isTrue();
    replacedertThat(response.headersWritten).isTrue();
    replacedertThat(response.cookiesWritten).isTrue();
    replacedertThat(response.getCookies().getFirst("ID")).isSameAs(cookie);
    replacedertThat(response.body.size()).isEqualTo(3);
    replacedertThat(new String(response.body.get(0).asByteBuffer().array(), StandardCharsets.UTF_8)).isEqualTo("a");
    replacedertThat(new String(response.body.get(1).asByteBuffer().array(), StandardCharsets.UTF_8)).isEqualTo("b");
    replacedertThat(new String(response.body.get(2).asByteBuffer().array(), StandardCharsets.UTF_8)).isEqualTo("c");
}

@PostMapping("/login")
public ResponseEnreplacedy<String> login(String username, String preplacedword) {
    AppUserRecord appUserRecord = this.dsl.selectFrom(APP_USER).where(APP_USER.EMAIL.eq(username)).fetchOne();
    if (appUserRecord != null) {
        boolean pwMatches = this.preplacedwordEncoder.matches(preplacedword, appUserRecord.getPreplacedwordHash());
        if (pwMatches && appUserRecord.getEnabled().booleanValue()) {
            String sessionId = this.tokenService.createToken();
            AppSessionRecord record = this.dsl.newRecord(APP_SESSION);
            record.setId(sessionId);
            record.setAppUserId(appUserRecord.getId());
            record.setValidUntil(LocalDateTime.now().plus(this.appProperties.getCookieMaxAge()));
            record.store();
            ResponseCookie cookie = ResponseCookie.from(AuthCookieFilter.COOKIE_NAME, sessionId).maxAge(this.appProperties.getCookieMaxAge()).sameSite("Strict").path("/").httpOnly(true).secure(this.appProperties.isSecureCookie()).build();
            return ResponseEnreplacedy.ok().header(HttpHeaders.SET_COOKIE, cookie.toString()).body(appUserRecord.getAuthority());
        }
    } else {
        this.preplacedwordEncoder.matches(preplacedword, this.userNotFoundEncodedPreplacedword);
    }
    return ResponseEnreplacedy.status(HttpStatus.UNAUTHORIZED).build();
}

@Test
public void build() {
    ResponseCookie cookie = ResponseCookie.from("name", "value").build();
    Mono<ServerResponse> result = ServerResponse.status(HttpStatus.CREATED).header("MyKey", "MyValue").cookie(cookie).build();
    MockServerHttpRequest request = MockServerHttpRequest.get("https://example.com").build();
    MockServerWebExchange exchange = MockServerWebExchange.from(request);
    result.flatMap(res -> res.writeTo(exchange, EMPTY_CONTEXT)).block();
    MockServerHttpResponse response = exchange.getResponse();
    replacedertEquals(HttpStatus.CREATED, response.getStatusCode());
    replacedertEquals("MyValue", response.getHeaders().getFirst("MyKey"));
    replacedertEquals("value", response.getCookies().getFirst("name").getValue());
    StepVerifier.create(response.getBody()).expectComplete().verify();
}

@Test
public void build() {
    ResponseCookie cookie = ResponseCookie.from("name", "value").build();
    Mono<ServerResponse> result = ServerResponse.status(HttpStatus.CREATED).header("MyKey", "MyValue").cookie(cookie).build();
    MockServerHttpRequest request = MockServerHttpRequest.get("http://example.com").build();
    MockServerWebExchange exchange = MockServerWebExchange.from(request);
    result.flatMap(res -> res.writeTo(exchange, EMPTY_CONTEXT)).block();
    MockServerHttpResponse response = exchange.getResponse();
    replacedertEquals(HttpStatus.CREATED, response.getStatusCode());
    replacedertEquals("MyValue", response.getHeaders().getFirst("MyKey"));
    replacedertEquals("value", response.getCookies().getFirst("name").getValue());
    StepVerifier.create(response.getBody()).expectComplete().verify();
}

@PostMapping(path = "checkout")
public Mono<String> checkout(@AuthenticationPrincipal ShopUser user, Cart cart, Model model, Order order, BindingResult bindingResult, @RegisteredOAuth2AuthorizedClient("sock") OAuth2AuthorizedClient authorizedClient, ServerWebExchange exchange) {
    final ConstraintViolations violations = order.validate();
    if (!violations.isValid()) {
        violations.apply(bindingResult::rejectValue);
        return this.checkoutForm(cart, model);
    }
    final Mono<OrderResponse> orderResponse = user == null ? this.orderService.placeOrderWithoutLogin(cart, order, authorizedClient) : this.orderService.placeOrderWithLogin(user, cart, order);
    return orderResponse.doOnSuccess(__ -> exchange.getResponse().addCookie(ResponseCookie.from(CART_ID_COOKIE_NAME, "deleted").maxAge(0).httpOnly(true).path("/").build())).thenReturn("redirect:/").onErrorResume(RuntimeException.clreplaced, e -> {
        final String message = e.getMessage();
        log.warn(message, e);
        model.addAttribute("errorMessage", message);
        return this.checkoutForm(cart, model);
    });
}

@Test
public void build() {
    ResponseCookie cookie = ResponseCookie.from("name", "value").build();
    Mono<ServerResponse> result = ServerResponse.status(HttpStatus.CREATED).header("MyKey", "MyValue").cookie(cookie).build();
    MockServerHttpRequest request = MockServerHttpRequest.get("https://example.com").build();
    MockServerWebExchange exchange = MockServerWebExchange.from(request);
    result.flatMap(res -> res.writeTo(exchange, EMPTY_CONTEXT)).block();
    MockServerHttpResponse response = exchange.getResponse();
    replacedertThat(response.getStatusCode()).isEqualTo(HttpStatus.CREATED);
    replacedertThat(response.getHeaders().getFirst("MyKey")).isEqualTo("MyValue");
    replacedertThat(response.getCookies().getFirst("name").getValue()).isEqualTo("value");
    StepVerifier.create(response.getBody()).expectComplete().verify();
}

See More Examples