
Example 11 with SessionId

use of org.gluu.oxauth.model.common.SessionId in project oxAuth by GluuFederation.

the class Authenticator method prepareAuthenticationForStep.

/**
 * Prepares authentication for the current step using the session returned by
 * {@code sessionIdService.getSessionId()} and records the outcome in {@code lastResult}.
 *
 * <p>A success outcome needs no follow-up. Failure, missing-permission and expired
 * outcomes are each routed to their own handler. An outcome that matches none of the
 * four known constants is returned without any handler being called.
 *
 * @return the value of {@code lastResult} once any handler has run
 */
public String prepareAuthenticationForStep() {
    final SessionId currentSession = sessionIdService.getSessionId();
    final String outcome = prepareAuthenticationForStep(currentSession);
    lastResult = outcome;

    if (Constants.RESULT_SUCCESS.equals(outcome)) {
        // Nothing to report on success.
        return lastResult;
    }

    if (Constants.RESULT_FAILURE.equals(outcome)) {
        handleScriptError();
    } else if (Constants.RESULT_NO_PERMISSIONS.equals(outcome)) {
        handlePermissionsError();
    } else if (Constants.RESULT_EXPIRED.equals(outcome)) {
        handleSessionInvalid();
    }

    // Read the field again: a handler may have touched it.
    return lastResult;
}
Also used : SessionId(org.gluu.oxauth.model.common.SessionId)

Example 12 with SessionId

use of org.gluu.oxauth.model.common.SessionId in project oxAuth by GluuFederation.

the class SelectAccountAction method prepare.

/**
 * Builds {@code currentSessions}: at most one session per user, in the order
 * {@code sessionIdService.getCurrentSessions()} returns them.
 *
 * <p>A session whose user cannot be resolved is logged and skipped. The user key is
 * the user id when it is not blank, otherwise the DN; only the first session seen
 * for a given key is kept.
 */
@PostConstruct
public void prepare() {
    currentSessions = Lists.newArrayList();
    Set<String> seenUserKeys = Sets.newHashSet();

    for (SessionId candidate : sessionIdService.getCurrentSessions()) {
        final User owner = sessionIdService.getUser(candidate);
        if (owner == null) {
            // NOTE(review): this writes the session id to the log at error level. If getId()
            // is the value carried in the session cookie, log readers can replay it — confirm
            // and consider logging a truncated or hashed form instead.
            log.error("Failed to get user for session. Skipping it from current_sessions, id: " + candidate.getId());
            continue;
        }

        final String uid;
        if (StringUtils.isNotBlank(owner.getUserId())) {
            uid = owner.getUserId();
        } else {
            uid = owner.getDn();
        }

        // Skip sessions already listed and users already represented by an earlier session.
        if (currentSessions.contains(candidate) || seenUserKeys.contains(uid)) {
            continue;
        }

        log.trace("User: {}, sessionId: {}", uid, candidate.getId());
        currentSessions.add(candidate);
        seenUserKeys.add(uid);
    }

    log.trace("Found {} sessions", currentSessions.size());
}
Also used : User(org.gluu.oxauth.model.common.User) SessionId(org.gluu.oxauth.model.common.SessionId) PostConstruct(javax.annotation.PostConstruct)

Example 13 with SessionId

use of org.gluu.oxauth.model.common.SessionId in project oxAuth by GluuFederation.

the class UserSessionIdService method updateUserSessionIdOnError.

/**
 * Marks the stored session looked up by {@code sessionId} as declined.
 *
 * <p>Sets the session attribute {@code session_custom_state} to {@code declined} and
 * passes the modified session to {@code sessionIdService.updateSessionId}. Does nothing
 * when no stored session is found.
 *
 * @param sessionId identifier handed to {@code getLdapSessionId} to load the session
 */
public void updateUserSessionIdOnError(String sessionId) {
    final SessionId storedSession = getLdapSessionId(sessionId);
    if (storedSession != null) {
        // NOTE(review): getSessionAttributes() is dereferenced without a null check —
        // confirm it always returns a map.
        storedSession.getSessionAttributes().put("session_custom_state", "declined");
        sessionIdService.updateSessionId(storedSession, true);
    }
}
Also used : SessionId(org.gluu.oxauth.model.common.SessionId)

Example 14 with SessionId

use of org.gluu.oxauth.model.common.SessionId in project oxAuth by GluuFederation.

the class UmaGatheringWS method gatherClaims.

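/**
 * Handles a call to the UMA claims-gathering endpoint and redirects the caller to the
 * page of the current gathering step.
 *
 * <p>When {@code authenticationRedirect} is true, the request-supplied {@code clientId},
 * {@code ticket}, {@code claimRedirectUri} and {@code state} are discarded and replaced
 * with the values stored in the session; a missing session is rejected in that case.
 * The (possibly restored) values are validated before a script is chosen or the session
 * is configured.
 *
 * @param clientId client identifier; overwritten from the session on an authentication redirect
 * @param ticket permission ticket; overwritten from the session on an authentication redirect
 * @param claimRedirectUri claims redirect URI; overwritten from the session on an authentication redirect
 * @param state state value; overwritten from the session on an authentication redirect
 * @param reset passed through to {@code sessionService.configure}
 * @param authenticationRedirect when true, parameters are restored from the session
 * @param httpRequest current request, used to load the session and build the script context
 * @param httpResponse current response, used when the session is loaded
 * @return a {@code FOUND} redirect to the page for the current step
 * @throws WebApplicationException any {@code WebApplicationException} raised while handling
 *         the call is rethrown unchanged; every other failure, and a step that is not below
 *         the script's step count, ends in a server-error exception from
 *         {@code errorResponseFactory}
 */
public Response gatherClaims(String clientId, String ticket, String claimRedirectUri, String state, Boolean reset, Boolean authenticationRedirect, HttpServletRequest httpRequest, HttpServletResponse httpResponse) {
    try {
        // NOTE(review): this trace line records the ticket, the state and the raw query string,
        // all request-controlled. Confirm trace logs are access-restricted, or log less.
        log.trace("gatherClaims client_id: {}, ticket: {}, claims_redirect_uri: {}, state: {}, authenticationRedirect: {}, queryString: {}", clientId, ticket, claimRedirectUri, state, authenticationRedirect, httpRequest.getQueryString());
        SessionId session = sessionService.getSession(httpRequest, httpResponse);
        if (Boolean.TRUE.equals(authenticationRedirect)) {
            // restore parameters from session
            log.debug("Authentication redirect, restoring parameters from session ...");
            if (session == null) {
                log.error("Session is null however authentication=true. Wrong workflow! Please correct custom Glaims-Gathering Script.");
                throw errorResponseFactory.createWebApplicationException(BAD_REQUEST, INVALID_SESSION, "Session is null however authentication=true. Wrong workflow! Please correct custom Glaims-Gathering Script.");
            }
            clientId = sessionService.getClientId(session);
            ticket = sessionService.getTicket(session);
            claimRedirectUri = sessionService.getClaimsRedirectUri(session);
            state = sessionService.getState(session);
            log.debug("Restored parameters from session, clientId: {}, ticket: {}, claims_redirect_uri: {}, state: {}", clientId, ticket, claimRedirectUri, state);
        }

        // Validation runs on the final values, whether they came from the request or the session.
        validationService.validateClientAndClaimsRedirectUri(clientId, claimRedirectUri, state);
        List<UmaPermission> permissions = validationService.validateTicketWithRedirect(ticket, claimRedirectUri, state);
        String[] scriptNames = validationService.validatesGatheringScriptNames(getScriptNames(permissions), claimRedirectUri, state);
        CustomScriptConfiguration script = external.determineScript(scriptNames);
        if (script == null) {
            log.error("Failed to determine claims-gathering script for names: " + Arrays.toString(scriptNames));
            // NOTE(review): thrown inside the try, so it passes through the catch below and is
            // rethrown only if UmaWebException is a WebApplicationException — confirm.
            throw new UmaWebException(claimRedirectUri, errorResponseFactory, INVALID_CLAIMS_GATHERING_SCRIPT_NAME, state);
        }
        sessionService.configure(session, script.getName(), reset, permissions, clientId, claimRedirectUri, state);
        UmaGatherContext context = new UmaGatherContext(script.getConfigurationAttributes(), httpRequest, session, sessionService, permissionService, pctService, new HashMap<String, String>(), userService, null, appConfiguration);
        int step = sessionService.getStep(session);
        int stepsCount = external.getStepsCount(script, context);
        if (step < stepsCount) {
            String page = external.getPageForStep(script, step, context);
            context.persist();

            // The redirect target is the configured base endpoint (without a trailing
            // "restv1" segment or slashes) followed by the page the script returned.
            String baseEndpoint = StringUtils.removeEnd(appConfiguration.getBaseEndpoint(), "/");
            baseEndpoint = StringUtils.removeEnd(baseEndpoint, "restv1");
            baseEndpoint = StringUtils.removeEnd(baseEndpoint, "/");
            String fullUri = baseEndpoint + page;
            fullUri = StringUtils.removeEnd(fullUri, ".xhtml") + ".htm";
            log.trace("Redirecting to page: '{}', fullUri: {}", page, fullUri);
            return Response.status(FOUND).location(new URI(fullUri)).build();
        } else {
            // Both placeholders need a value; the original passed only stepsCount, so the
            // step number was missing from the message.
            log.error("Step '{}' is more or equal to stepCount: '{}'", step, stepsCount);
        }
    } catch (Exception ex) {
        log.error("Exception happened", ex);
        if (ex instanceof WebApplicationException) {
            throw (WebApplicationException) ex;
        }
        // Anything else falls through to the generic server error below, so internal
        // details stay in the log and are not returned to the caller.
    }
    log.error("Failed to handle call to UMA Claims Gathering Endpoint.");
    throw errorResponseFactory.createWebApplicationException(Response.Status.INTERNAL_SERVER_ERROR, UmaErrorResponseType.SERVER_ERROR, "Failed to handle call to UMA Claims Gathering Endpoint.");
}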
Also used : UmaWebException(org.gluu.oxauth.uma.authorization.UmaWebException) URI(java.net.URI) UmaWebException(org.gluu.oxauth.uma.authorization.UmaWebException) UmaPermission(org.gluu.oxauth.model.uma.persistence.UmaPermission) UmaGatherContext(org.gluu.oxauth.uma.authorization.UmaGatherContext) SessionId(org.gluu.oxauth.model.common.SessionId) CustomScriptConfiguration(org.gluu.model.custom.script.conf.CustomScriptConfiguration)

Example 15 with SessionId

use of org.gluu.oxauth.model.common.SessionId in project oxAuth by GluuFederation.

the class UmaSessionService method getSession.

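/**
 * Returns the UMA session for the request, creating a new one when none can be loaded.
 *
 * <p>The session is looked up by the value of the UMA session cookie. If the cookie is
 * absent or blank, or no session is found for its value, a new session carrying the
 * attribute {@code uma=true} is generated and a session cookie is written to the response.
 *
 * @param httpRequest request the UMA session cookie is read from
 * @param httpResponse response that receives the cookie when a new session is generated
 * @return the session loaded from the cookie, otherwise the newly generated session
 */
public SessionId getSession(HttpServletRequest httpRequest, HttpServletResponse httpResponse) {
    String cookieId = cookieService.getUmaSessionIdFromCookie(httpRequest);
    // NOTE(review): the raw cookie value is the key used to load the session below. It is
    // written to the log here and again at error level when the lookup fails, so anyone who
    // can read the logs sees a live session identifier. It is also request-controlled text
    // concatenated into the message. Consider logging a truncated or hashed form.
    log.trace("Cookie - uma_session_id: " + cookieId);
    if (StringUtils.isNotBlank(cookieId)) {
        SessionId sessionId = sessionIdService.getSessionId(cookieId);
        if (sessionId != null) {
            // NOTE(review): this logs the session object's toString(); check what it includes.
            log.trace("Loaded uma_session_id from cookie, session: " + sessionId);
            return sessionId;
        } else {
            log.error("Failed to load uma_session_id from cookie: " + cookieId);
        }
    } else {
        log.error("uma_session_id cookie is not set.");
    }

    log.trace("Generating new uma_session_id ...");
    // A plain HashMap replaces the double-brace initialiser: that form creates an anonymous
    // inner class holding a hidden reference to this service, which is retained for as long
    // as the map is and gets in the way if the map is ever serialized.
    HashMap<String, String> umaAttributes = new HashMap<String, String>();
    umaAttributes.put("uma", "true");
    // NOTE(review): the method name suggests the session is created as authenticated even
    // though the caller presented no usable cookie, and the second argument is an empty
    // string — confirm what downstream code is allowed to infer from such a session.
    SessionId session = sessionIdService.generateAuthenticatedSessionId(httpRequest, "", umaAttributes);
    cookieService.createSessionIdCookie(session, httpRequest, httpResponse, true);
    log.trace("uma_session_id cookie created.");
    return session;
}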
Also used : SessionId(org.gluu.oxauth.model.common.SessionId)

Aggregations

SessionId (org.gluu.oxauth.model.common.SessionId)52 CustomScriptConfiguration (org.gluu.model.custom.script.conf.CustomScriptConfiguration)9 HttpServletRequest (javax.servlet.http.HttpServletRequest)8 User (org.gluu.oxauth.model.common.User)7 Date (java.util.Date)6 HttpServletResponse (javax.servlet.http.HttpServletResponse)6 URISyntaxException (java.net.URISyntaxException)4 HashMap (java.util.HashMap)4 WebApplicationException (javax.ws.rs.WebApplicationException)4 AuthorizationGrant (org.gluu.oxauth.model.common.AuthorizationGrant)4 EntryPersistenceException (org.gluu.persist.exception.EntryPersistenceException)4 UnsupportedEncodingException (java.io.UnsupportedEncodingException)3 BaseComponentTest (org.gluu.oxauth.BaseComponentTest)3 SimpleUser (org.gluu.oxauth.model.common.SimpleUser)3 AcrChangedException (org.gluu.oxauth.model.exception.AcrChangedException)3 InvalidSessionStateException (org.gluu.oxauth.model.exception.InvalidSessionStateException)3 Client (org.gluu.oxauth.model.registration.Client)3 ConsentGatheringContext (org.gluu.oxauth.service.external.context.ConsentGatheringContext)3 UmaGatherContext (org.gluu.oxauth.uma.authorization.UmaGatherContext)3 Parameters (org.testng.annotations.Parameters)3