1

I am using Angular as the frontend and when the user tries to login and then we will fire a post request to Server(Java+REST with Jersey), which will respond with cookies.

Server Code:

@Path("/SampleApi/readCookies")
@POST
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
public Response readCookiesAlongWithJsonData(@Context HttpHeaders headers, String inputJsonObj)
{
    Map<String, Cookie> cookies = headers.getCookies();
    
    String maptoJSON = null;
    JsonObject jsonObject = new JsonParser().parse(inputJsonObj).getAsJsonObject();
    
    String encodedJWT  = JWTEncodeDecode.createJWT(userId.toString(), maptoJSON, tenant, 10000);
    
    NewCookie jwtCookie = null;
    if(cookies != null && cookies.size() > 0 &&  cookies.get("JWT_Token") != null && cookies.get("JWT_Token").getValue() != null)
        jwtCookie = new NewCookie("JWT_Token", cookies.get("JWT_Token").getValue());
    else
        jwtCookie = new NewCookie("JWT_Token", encodedJWT);
    return  Response.ok().entity("Valid").cookie(jwtCookie).build();
    
    
}

when I try to use this method using postman, I can read and write cookies, but in Angular through API, call the cookies are not available. I can't create cookies in Angular as there needs to be some authentication process that happens at the server which will generate cookies.

Angular Code

this.http.post("http://localhost:9090/restfuljersey/rest/service//SampleApi/readCookies", 
      formData, {observe: 'response'})
      .subscribe( response =>
        {
          console.log(response);
        }, errors =>
        {
          console.error(errors);
        }

      );

Server Response enter image description here

Response headers when printed using console.log enter image description here

Vineel Pellella
  • 332
  • 2
  • 4
  • 20
  • Can you share the Angular code you use to create cookies? – Mario Varchmin May 18 '21 at 15:20
  • I didn't wrote any Angular code for saving the cookies. As cookies will come from the server response, I am unable to retrieve them from response headers. Updated the info in the question itself. – Vineel Pellella May 18 '21 at 15:54
  • 1
    If I understand your question correctly, I believe you just need to set the [`withCredentials`](https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/withCredentials) flag. See [this post](https://stackoverflow.com/q/52834007/2587435). [See also](https://stackoverflow.com/a/42309828/2587435). – Paul Samsotha May 19 '21 at 04:07
  • Thanks @PaulSamsotha withCredentials flag solved my issue – Vineel Pellella May 19 '21 at 06:33

1 Answers1

0

You need to add the withCredentials so that XHR requests will send the cookie back to the server.

The XMLHttpRequest.withCredentials property is a Boolean that indicates whether or not cross-site Access-Control requests should be made using credentials such as cookies, authorization headers or TLS client certificates. Setting withCredentials has no effect on same-site requests.

this.http.post("url", formData, {
  observe: 'response',
  withCredentials: true
})

Or if you want to add this to all requests, see this post

Paul Samsotha
  • 205,037
  • 37
  • 486
  • 720