goadesign
diff --git a/‎dsl/http.go‎
Lines changed: 172 additions & 0 deletions b/‎dsl/http.go‎
Lines changed: 172 additions & 0 deletions
diff --git a/‎expr/http_cookie_test.go‎
Lines changed: 77 additions & 0 deletions b/‎expr/http_cookie_test.go‎
Lines changed: 77 additions & 0 deletions
diff --git a/‎expr/http_response.go‎
Lines changed: 55 additions & 0 deletions b/‎expr/http_response.go‎
Lines changed: 55 additions & 0 deletions
@@ -1,6 +1,7 @@
 package dsl
 
 import (
+	"fmt"
 	"strconv"
 	"strings"
 
@@ -633,6 +634,177 @@ func CookieSameSite(s expr.CookieSameSiteValue) {
 	cookieAttribute("same-site", string(s))
 }
 
+// cookieAttrBindingsExpr is the transient eval context opened by
+// CookieAttributes. It wraps the cookie's underlying AttributeExpr inside the
+// response Cookies object so the Cookie...From binders can write per-cookie
+// binding metadata onto the right attribute.
+type cookieAttrBindingsExpr struct {
+	// Attr is the cookie attribute that binders annotate.
+	Attr *expr.AttributeExpr
+	// Name is the cookie attribute name used for diagnostics.
+	Name string
+}
+
+// EvalName returns the qualified name of the cookie binding context.
+func (c *cookieAttrBindingsExpr) EvalName() string {
+	return fmt.Sprintf("CookieAttributes(%q)", c.Name)
+}
+
+// CookieAttributes opens a per-cookie attribute binding context for the named
+// cookie defined in the enclosing Response. Inside the closure, the
+// MaxAgeFrom, DomainFrom, PathFrom, SecureFrom, HTTPOnlyFrom and SameSiteFrom
+// functions bind cookie attributes (Max-Age, Domain, Path, Secure, HttpOnly,
+// SameSite) to result type attributes computed at runtime by the service
+// method. The bindings apply only to the named cookie. The server populates
+// the cookie attributes from the bound result fields when emitting the
+// response, and the client decodes the corresponding HTTP cookie attributes
+// back into the same result fields.
+//
+// Bindings are additive to and take precedence over the response-wide literal
+// metadata set by CookieMaxAge, CookieDomain, CookiePath, CookieSecure,
+// CookieHTTPOnly and CookieSameSite.
+//
+// CookieAttributes must appear in a Response expression. The first argument is
+// the attribute-side cookie name (the part before the colon in
+// `Cookie("attr:cookie")`).
+//
+// Example:
+//
+//	var LoginResult = ResultType("application/vnd.login", func() {
+//	    Attributes(func() {
+//	        Attribute("sessionID", String)
+//	        Attribute("expiresIn", Int)
+//	        Attribute("cookieDomain", String)
+//	        Attribute("cookiePath", String)
+//	        Attribute("isSecure", Boolean)
+//	        Attribute("isHTTPOnly", Boolean)
+//	        Attribute("sameSite", String)
+//	    })
+//	    Required("sessionID", "expiresIn", "cookieDomain", "cookiePath",
+//	        "isSecure", "isHTTPOnly", "sameSite")
+//	})
+//
+//	Method("login", func() {
+//	    Result(LoginResult)
+//	    HTTP(func() {
+//	        POST("/login")
+//	        Response(StatusOK, func() {
+//	            Cookie("sessionID:SID", String)
+//	            CookieAttributes("sessionID", func() {
+//	                MaxAgeFrom("expiresIn")
+//	                DomainFrom("cookieDomain")
+//	                PathFrom("cookiePath")
+//	                SecureFrom("isSecure")
+//	                HTTPOnlyFrom("isHTTPOnly")
+//	                SameSiteFrom("sameSite")
+//	            })
+//	        })
+//	    })
+//	})
+func CookieAttributes(name string, fn func()) {
+	r, ok := eval.Current().(*expr.HTTPResponseExpr)
+	if !ok {
+		eval.IncompatibleDSL()
+		return
+	}
+	if name == "" {
+		eval.ReportError("cookie name cannot be empty")
+		return
+	}
+	if r.Cookies == nil {
+		eval.ReportError("CookieAttributes references cookie %q but no cookie has been declared in the response", name)
+		return
+	}
+	obj := expr.AsObject(r.Cookies.Type)
+	if obj == nil {
+		eval.ReportError("CookieAttributes references cookie %q but the response cookie set is not an object", name)
+		return
+	}
+	attr := obj.Attribute(name)
+	if attr == nil {
+		eval.ReportError("CookieAttributes references cookie %q which has not been declared with Cookie() in the same Response", name)
+		return
+	}
+	eval.Execute(fn, &cookieAttrBindingsExpr{Attr: attr, Name: name})
+}
+
+// MaxAgeFrom binds the enclosing cookie's "Max-Age" attribute to a result
+// type attribute. The referenced attribute must be of an integer primitive
+// type. The server populates http.Cookie.MaxAge from this result field; the
+// client decodes c.MaxAge back into the same field.
+//
+// MaxAgeFrom must appear in a CookieAttributes expression.
+func MaxAgeFrom(attr string) {
+	cookieFromBinding("max-age", attr)
+}
+
+// DomainFrom binds the enclosing cookie's "Domain" attribute to a result
+// type attribute. The referenced attribute must be of type String. The server
+// populates http.Cookie.Domain from this result field; the client decodes
+// c.Domain back into the same field.
+//
+// DomainFrom must appear in a CookieAttributes expression.
+func DomainFrom(attr string) {
+	cookieFromBinding("domain", attr)
+}
+
+// PathFrom binds the enclosing cookie's "Path" attribute to a result type
+// attribute. The referenced attribute must be of type String. The server
+// populates http.Cookie.Path from this result field; the client decodes
+// c.Path back into the same field.
+//
+// PathFrom must appear in a CookieAttributes expression.
+func PathFrom(attr string) {
+	cookieFromBinding("path", attr)
+}
+
+// SecureFrom binds the enclosing cookie's "Secure" attribute to a result
+// type attribute. The referenced attribute must be of type Boolean. The
+// server populates http.Cookie.Secure from this result field; the client
+// decodes c.Secure back into the same field.
+//
+// SecureFrom must appear in a CookieAttributes expression.
+func SecureFrom(attr string) {
+	cookieFromBinding("secure", attr)
+}
+
+// HTTPOnlyFrom binds the enclosing cookie's "HttpOnly" attribute to a result
+// type attribute. The referenced attribute must be of type Boolean. The
+// server populates http.Cookie.HttpOnly from this result field; the client
+// decodes c.HttpOnly back into the same field.
+//
+// HTTPOnlyFrom must appear in a CookieAttributes expression.
+func HTTPOnlyFrom(attr string) {
+	cookieFromBinding("http-only", attr)
+}
+
+// SameSiteFrom binds the enclosing cookie's "SameSite" attribute to a result
+// type attribute. The referenced attribute must be of type String and at
+// runtime must hold one of the values of CookieSameSiteStrict,
+// CookieSameSiteLax, CookieSameSiteNone or CookieSameSiteDefault. The server
+// populates http.Cookie.SameSite from this result field; the client decodes
+// c.SameSite back into the same field.
+//
+// SameSiteFrom must appear in a CookieAttributes expression.
+func SameSiteFrom(attr string) {
+	cookieFromBinding("same-site", attr)
+}
+
+// cookieFromBinding records a per-cookie attribute binding on the cookie
+// attribute carried by the surrounding CookieAttributes context.
+func cookieFromBinding(kind, attr string) {
+	c, ok := eval.Current().(*cookieAttrBindingsExpr)
+	if !ok {
+		eval.IncompatibleDSL()
+		return
+	}
+	if attr == "" {
+		eval.ReportError("attribute name cannot be empty")
+		return
+	}
+	c.Attr.AddMeta("cookie:"+kind+":from", attr)
+}
+
 // Params groups a set of Param expressions. It makes it possible to list
 // required parameters using the Required function.
 //
 
@@ -1,9 +1,12 @@
 package expr_test
 
 import (
+	"errors"
 	"fmt"
+	"strings"
 	"testing"
 
+	"goa.design/goa/v3/eval"
 	"goa.design/goa/v3/expr"
 	"goa.design/goa/v3/expr/testdata"
 )
@@ -48,3 +51,77 @@ func TestHTTPResponseCookie(t *testing.T) {
 		})
 	}
 }
+
+func TestHTTPResponseCookieAttrBindings(t *testing.T) {
+	root := expr.RunDSL(t, testdata.CookieAttrBindingsDSL)
+	cookies := root.API.HTTP.Services[len(root.API.HTTP.Services)-1].HTTPEndpoints[0].Responses[0].Cookies
+	obj := expr.AsObject(cookies.Type)
+	if len(*obj) != 1 {
+		t.Fatalf("got %d cookies, expected 1", len(*obj))
+	}
+	cookie := (*obj)[0].Attribute
+	cases := map[string]string{
+		"cookie:max-age:from":   "expiresIn",
+		"cookie:domain:from":    "cookieDomain",
+		"cookie:path:from":      "cookiePath",
+		"cookie:secure:from":    "isSecure",
+		"cookie:http-only:from": "isHTTPOnly",
+		"cookie:same-site:from": "sameSite",
+	}
+	for k, want := range cases {
+		got, ok := cookie.Meta[k]
+		if !ok {
+			t.Errorf("cookie metadata %q missing", k)
+			continue
+		}
+		if len(got) != 1 || got[0] != want {
+			t.Errorf("cookie metadata %q = %v, want [%q]", k, got, want)
+		}
+	}
+}
+
+func TestHTTPResponseCookieAttrBindingValidation(t *testing.T) {
+	cases := []struct {
+		Name string
+		DSL  func()
+		Want string
+	}{
+		{
+			"missing-attr",
+			testdata.CookieAttrBindingMissingAttrDSL,
+			"binds Max-Age to attribute \"doesNotExist\"",
+		},
+		{
+			"wrong-type",
+			testdata.CookieAttrBindingWrongTypeDSL,
+			"binds Max-Age to attribute \"expiresIn\" but it must be an integer",
+		},
+		{
+			"undeclared-cookie",
+			testdata.CookieAttrBindingUndeclaredDSL,
+			"CookieAttributes references cookie \"notDeclared\"",
+		},
+	}
+	for _, c := range cases {
+		t.Run(c.Name, func(t *testing.T) {
+			err := expr.RunInvalidDSL(t, c.DSL)
+			if err == nil {
+				t.Fatalf("expected validation error containing %q", c.Want)
+			}
+			var msg string
+			var verr *eval.ValidationErrors
+			if errors.As(err, &verr) {
+				msgs := make([]string, len(verr.Errors))
+				for i, e := range verr.Errors {
+					msgs[i] = e.Error()
+				}
+				msg = strings.Join(msgs, "\n")
+			} else {
+				msg = err.Error()
+			}
+			if !strings.Contains(msg, c.Want) {
+				t.Fatalf("expected error to contain %q, got: %s", c.Want, msg)
+			}
+		})
+	}
+}
@@ -229,6 +229,7 @@ func (r *HTTPResponseExpr) Validate(e *HTTPEndpointExpr) *eval.ValidationErrors
 				if !IsPrimitive(t) {
 					verr.Add(e, "attribute %q used in HTTP cookies must be a primitive type.", c.Name)
 				}
+				verr.Merge(validateCookieAttrBindings(r, c.Name, c.Attribute, resultAttributeType, inview))
 			}
 		default:
 			if len(*AsObject(r.Cookies.Type)) > 1 {
@@ -391,6 +392,60 @@ func (r *HTTPResponseExpr) mapUnmappedAttrs(svcAtt *AttributeExpr) {
 	}
 }
 
+// validateCookieAttrBindings validates the per-cookie attribute bindings
+// (Max-Age, Domain, Path, Secure, HttpOnly, SameSite) recorded as
+// "cookie:<kind>:from" metadata on the cookie attribute. It checks that each
+// referenced result attribute exists and is of the kind expected by the bound
+// cookie property.
+func validateCookieAttrBindings(r *HTTPResponseExpr, cookieName string, cookieAttr *AttributeExpr, resultAttributeType func(string) DataType, inview string) *eval.ValidationErrors {
+	verr := new(eval.ValidationErrors)
+	if cookieAttr == nil || len(cookieAttr.Meta) == 0 {
+		return verr
+	}
+	bindings := []struct {
+		key  string
+		kind string
+		want string
+		ok   func(DataType) bool
+	}{
+		{"cookie:max-age:from", "Max-Age", "an integer", func(t DataType) bool {
+			k := t.Kind()
+			return k == IntKind || k == Int32Kind || k == Int64Kind || k == UIntKind || k == UInt32Kind || k == UInt64Kind
+		}},
+		{"cookie:domain:from", "Domain", "a string", func(t DataType) bool {
+			return t.Kind() == StringKind
+		}},
+		{"cookie:path:from", "Path", "a string", func(t DataType) bool {
+			return t.Kind() == StringKind
+		}},
+		{"cookie:secure:from", "Secure", "a boolean", func(t DataType) bool {
+			return t.Kind() == BooleanKind
+		}},
+		{"cookie:http-only:from", "HttpOnly", "a boolean", func(t DataType) bool {
+			return t.Kind() == BooleanKind
+		}},
+		{"cookie:same-site:from", "SameSite", "a string", func(t DataType) bool {
+			return t.Kind() == StringKind
+		}},
+	}
+	for _, b := range bindings {
+		v, ok := cookieAttr.Meta[b.key]
+		if !ok || len(v) == 0 {
+			continue
+		}
+		attrName := v[0]
+		t := resultAttributeType(attrName)
+		if t == nil {
+			verr.Add(r, "cookie %q binds %s to attribute %q which has no equivalent attribute in%s result type", cookieName, b.kind, attrName, inview)
+			continue
+		}
+		if !b.ok(t) {
+			verr.Add(r, "cookie %q binds %s to attribute %q but it must be %s", cookieName, b.kind, attrName, b.want)
+		}
+	}
+	return verr
+}
+
 // bodyAllowedForStatus reports whether a given response status code
 // permits a body. See RFC 2616, section 4.4.
 // See https://golang.org/src/net/http/transfer.go