Release

CHANGELOG.md

@@ -1,3 +1,7 @@
+# 2.2.2
+* oauth2-oidc-remember-me
+  * Handle cookie path correctly
+
 # 2.2.1
 * Use `ConcurrentReferenceHashMap` in favor of `Collections.synchronizedMap(new WeakHashMap<>())` to improve performance
 

demo/pom.xml

@@ -22,7 +22,7 @@
 		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
 
 		<!-- Dependency Version Groups -->
-		<com.vaadin.version>25.1.1</com.vaadin.version>
+		<com.vaadin.version>25.1.2</com.vaadin.version>
 
 		<org.springframework.boot.version>4.0.5</org.springframework.boot.version>
 	</properties>

oauth2-oidc-remember-me/src/main/java/software/xdev/sse/oauth2/rememberme/OAuth2CookieRememberMeServices.java

@@ -608,7 +608,7 @@ protected Cookie buildCookie(final String name, final String value)
 		cookie.setHttpOnly(true);
 		cookie.setSecure(this.cookieSecureService.isSecure());
 		cookie.setMaxAge((int)this.config.getExpiration().toSeconds());
-		cookie.setPath("/");
+		cookie.setPath(this.config.getCookiePath());
 		return cookie;
 	}
 
@@ -691,6 +691,9 @@ protected void deleteCookie(final Cookie cookie, final HttpServletResponse respo
 	{
 		// Expire cookie
 		cookie.setMaxAge(0);
+		// Set path correctly or browser will ignore it
+		cookie.setPath(this.config.getCookiePath());
+
 		response.addCookie(cookie);
 
 		LOG.debug("Expiring Cookie[name='{}']", cookie.getName());

oauth2-oidc-remember-me/src/main/java/software/xdev/sse/oauth2/rememberme/config/OAuth2CookieRememberMeServicesConfig.java

@@ -30,6 +30,8 @@ public class OAuth2CookieRememberMeServicesConfig
 	private String payloadCookieName = "AC"; // Auth Cache
 	@NotEmpty
 	private String idCookieName = "ACID"; // Auth Cache Identifier
+	@NotEmpty
+	private String cookiePath = "/";
 
 	@NotNull
 	private Duration expiration = Duration.ofDays(3);
@@ -76,6 +78,16 @@ public void setIdCookieName(final String idCookieName)
 		this.idCookieName = idCookieName;
 	}
 
+	public String getCookiePath()
+	{
+		return this.cookiePath;
+	}
+
+	public void setCookiePath(final String cookiePath)
+	{
+		this.cookiePath = cookiePath;
+	}
+
 	public Duration getExpiration()
 	{
 		return this.expiration;
@@ -98,7 +110,7 @@ public void setMaxPerUser(final int maxPerUser)
 
 	public OAuth2CookieRememberMeServicesCleanupScheduleConfig getCleanupSchedule()
 	{
-		return cleanupSchedule;
+		return this.cleanupSchedule;
 	}
 
 	public void setCleanupSchedule(final OAuth2CookieRememberMeServicesCleanupScheduleConfig cleanupSchedule)
@@ -116,6 +128,8 @@ public String toString()
 			+ this.payloadCookieName
 			+ "', idCookieName='"
 			+ this.idCookieName
+			+ "', cookiePath='"
+			+ this.cookiePath
 			+ "', expiration="
 			+ this.expiration
 			+ ", maxPerUser="

vaadin/pom.xml

@@ -62,7 +62,7 @@
 			<dependency>
 				<groupId>com.vaadin</groupId>
 				<artifactId>vaadin-bom</artifactId>
-				<version>25.1.1</version>
+				<version>25.1.2</version>
 				<type>pom</type>
 				<scope>import</scope>
 			</dependency>