From fb1b419adaca16394e773f992a71d60930803340 Mon Sep 17 00:00:00 2001
From: Marten Muru
Date: Fri, 13 Dec 2024 13:34:45 +0200
Subject: [PATCH] AUT-2054 Set session cookie secure attribute to true
---
 .../ria/govsso/client/configuration/CookieConfiguration.java | 5 ++++-
 src/main/resources/application.yml | 4 ----
 src/test/resources/application.yml | 4 ----
 3 files changed, 4 insertions(+), 9 deletions(-)
diff --git a/src/main/java/ee/ria/govsso/client/configuration/CookieConfiguration.java b/src/main/java/ee/ria/govsso/client/configuration/CookieConfiguration.java
index f0ed5e9..cad813c 100644
--- a/src/main/java/ee/ria/govsso/client/configuration/CookieConfiguration.java
+++ b/src/main/java/ee/ria/govsso/client/configuration/CookieConfiguration.java
@@ -32,6 +32,9 @@ CookieSameSiteSupplier csrfCookieSameSiteSupplier() {
 
     @Bean
     public ServletContextInitializer servletContextInitializer() {
-        return servletContext -> servletContext.getSessionCookieConfig().setName(COOKIE_NAME_SESSION);
+        return servletContext -> {
+            servletContext.getSessionCookieConfig().setName(COOKIE_NAME_SESSION);
+            servletContext.getSessionCookieConfig().setSecure(true);
+        };
     }
 }
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
index 98c3137..ce5abd2 100644
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -24,10 +24,6 @@ server:
   forward-headers-strategy: NONE # Under main this cannot be enabled by default, because docker-compose.yml doesn't have another proxy in front of this application that would always set X-Forwarded-For header. X-Forwarded-For value that could be set outside of your own infrastructure, cannot be trusted.
   # Use same port as govsso-session/docker-compose.yml.
   port: 11443
-  servlet:
-    session:
-      cookie:
-        secure=true:
   ssl:
     enabled: true
     key-store-password: changeit
diff --git a/src/test/resources/application.yml b/src/test/resources/application.yml
index 9f3a07b..10c5a37 100644
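Review bot: The new lambda in `servletContextInitializer()` calls `servletContext.getSessionCookieConfig()` twice; bind it once, `var cookieConfig = servletContext.getSessionCookieConfig();` followed by `cookieConfig.setName(COOKIE_NAME_SESSION);` and `cookieConfig.setSecure(true);`. A short comment above the lambda should record why the Secure flag is set in code rather than through `server.servlet.session.cookie.secure` — the YAML entries removed in the other two hunks (`secure=true:` / `secure=false:`) look like malformed keys, so the property presumably never took effect and this initializer is now the single place the attribute is controlled. Because the value is hard-coded, the test profile can no longer opt out as its removed `secure=false` entry appears to have intended; that is only safe if every test drives the application over TLS or through a mock servlet environment that does not enforce the attribute, which cannot be confirmed from the hunk. Since the cookie's attributes are now being set explicitly here, also calling `cookieConfig.setHttpOnly(true)` would make the session cookie's hardening independent of the servlet container's defaults.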
--- a/src/test/resources/application.yml
+++ b/src/test/resources/application.yml
@@ -18,10 +18,6 @@ management:
 
 server:
   forward-headers-strategy: NATIVE
-  servlet:
-    session:
-      cookie:
-        secure=false:
 
 spring:
   main: