use of com.tremolosecurity.idp.providers.oidc.session.OidcSessionExpires in project OpenUnison by TremoloSecurity.
the class TokenData method createUserSession.
public OidcSessionState createUserSession(HttpServletRequest request, String clientID, UrlHolder holder, OpenIDConnectTrust trust, String dn, ConfigManager cfgMgr, OpenIDConnectAccessToken access, String nonce, String authChain, JSONObject existingClaims, JSONObject actor) throws UnsupportedEncodingException, IOException, ServletException, MalformedURLException {
String sessionID = UUID.randomUUID().toString();
String encryptedSessionID = null;
try {
encryptedSessionID = this.encryptToken(this.sessionKeyName, new Gson(), sessionID);
} catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException | IllegalBlockSizeException | BadPaddingException e2) {
throw new ServletException("Could not generate session id", e2);
}
HashMap<String, String> extraAttribs = new HashMap<String, String>();
extraAttribs.put("session_id", encryptedSessionID);
String accessToken = null;
try {
accessToken = this.produceJWT(this.generateClaims(dn, cfgMgr, new URL(request.getRequestURL().toString()), trust, nonce, extraAttribs, request, authChain, existingClaims, actor), cfgMgr).getCompactSerialization();
} catch (JoseException | LDAPException | ProvisioningException e1) {
throw new ServletException("Could not generate jwt", e1);
}
access.setAccess_token(accessToken);
access.setExpires_in((int) (trust.getAccessTokenTimeToLive() / 1000));
try {
JwtClaims claims = this.generateClaims(dn, cfgMgr, new URL(request.getRequestURL().toString()), trust, nonce, null, request, authChain, existingClaims, actor);
access.setIdTokenId(claims.getJwtId());
access.setId_token(this.produceJWT(claims, cfgMgr).getCompactSerialization());
} catch (Exception e) {
throw new ServletException("Could not generate JWT", e);
}
access.setToken_type("Bearer");
OidcSessionState oidcSession = null;
try {
oidcSession = this.storeSession(access, holder.getApp(), trust.getCodeLastmileKeyName(), clientID, dn, sessionID);
if (!(this.sessionStore instanceof NoneBackend)) {
request.getSession().setAttribute(SessionManagerImpl.TREMOLO_EXTERNAL_SESSION, new OidcSessionExpires(oidcSession.getSessionID(), this.sessionStore));
}
} catch (Exception e) {
throw new ServletException("Could not store session", e);
}
LogoutUtil.insertFirstLogoutHandler(request, new ClearOidcSessionOnLogout(oidcSession, this));
return oidcSession;
}
Aggregations