Example 1 with CookieSession

Use of io.gravitee.am.gateway.handler.common.vertx.web.handler.impl.CookieSession in project gravitee-access-management by gravitee-io.

The class AuthenticationFlowContextHandler, method handle:

@Override
public void handle(RoutingContext context) {
    CookieSession session = (CookieSession) context.session().getDelegate();
    if (session != null && !session.isDestroyed()) {
        final String transactionId = session.get(ConstantKeys.TRANSACTION_ID_KEY);
        final int version = ofNullable((Number) session.get(AUTH_FLOW_CONTEXT_VERSION_KEY)).map(Number::intValue).orElse(1);
        authenticationFlowContextService.loadContext(transactionId, version).subscribe(ctx -> {
            // store the AuthenticationFlowContext in order to provide all related information about this context
            context.put(ConstantKeys.AUTH_FLOW_CONTEXT_KEY, ctx);
            // store only the AuthenticationFlowContext.data attributes in order to simplify EL templating
            // and provide an up to date set of data if the enrichAuthFlow Policy is used multiple time in a step
            // {#context.attributes['authFlow']['entry']}
            context.put(ConstantKeys.AUTH_FLOW_CONTEXT_ATTRIBUTES_KEY, ctx.getData());
            context.next();
        }, error -> {
            LOGGER.warn("AuthenticationFlowContext can't be loaded", error);
            if (exitOnError) {
                context.fail(error);
            } else {
                context.next();
            }
        });
    }
}
Also used: CookieSession (io.gravitee.am.gateway.handler.common.vertx.web.handler.impl.CookieSession)

Example 2 with CookieSession

Use of io.gravitee.am.gateway.handler.common.vertx.web.handler.impl.CookieSession in project gravitee-access-management by gravitee-io.

The class SSOSessionHandler, method checkAccountStatus:

private void checkAccountStatus(RoutingContext context, io.gravitee.am.model.User user, Handler<AsyncResult<Void>> handler) {
    // if the user is disabled, sign the user out
    if (!user.isEnabled()) {
        handler.handle(Future.failedFuture(new AccountDisabledException(user.getId())));
        return;
    }
    // if the user has reset their password, compare the reset time with the session's last login
    // to make sure a session opened before the reset is not kept alive (it could be compromised);
    // both dates are compared without the milliseconds, hence the 1000 ms tolerance
    CookieSession session = (CookieSession) context.session().getDelegate();
    if (user.getLastPasswordReset() != null
            && user.getLastPasswordReset().getTime() - session.lastLogin().getTime() > 1000) {
        handler.handle(Future.failedFuture(new AccountIllegalStateException(user.getId())));
        return;
    }
    // if the user has been signed out through the REST API, apply the same check against the last logout time
    if (user.getLastLogoutAt() != null
            && user.getLastLogoutAt().getTime() - session.lastLogin().getTime() > 1000) {
        handler.handle(Future.failedFuture(new AccountIllegalStateException(user.getId())));
        return;
    }
    // account and session are valid, continue
    handler.handle(Future.succeededFuture());
}
Also used: AccountIllegalStateException (io.gravitee.am.common.exception.authentication.AccountIllegalStateException), CookieSession (io.gravitee.am.gateway.handler.common.vertx.web.handler.impl.CookieSession), AccountDisabledException (io.gravitee.am.common.exception.authentication.AccountDisabledException)
