use of org.gluu.oxauth.model.common.SessionId in project oxAuth by GluuFederation.
the class CheckSessionStatusRestWebServiceImpl method requestCheckSessionStatus.
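/**
 * Reports the status of the session referenced by the caller's session cookie.
 *
 * <p>The reply is always HTTP 200 with a JSON body. The body starts from the placeholder
 * values {@code "unknown"} and {@code ""} and is filled in only when the cookie value
 * resolves to a stored session: its state, its authentication time and, when non-empty,
 * the {@code SESSION_CUSTOM_STATE} session attribute.
 *
 * @param httpRequest request the session cookie is read from
 * @param httpResponse not used by this method
 * @param securityContext not used by this method
 * @return a 200 response whose entity is the JSON form of the {@code CheckSessionResponse}
 * @throws IOException declared by the signature; presumably raised by JSON serialization (confirm)
 */
@GET
@Path("/session_status")
@Produces({ MediaType.APPLICATION_JSON })
public Response requestCheckSessionStatus(@Context HttpServletRequest httpRequest, @Context HttpServletResponse httpResponse, @Context SecurityContext securityContext) throws IOException {
    String sessionIdCookie = cookieService.getSessionIdFromCookie(httpRequest);
    // The cookie value alone is enough to look the session up (see getSessionId below), so it
    // is treated as a credential: the log records only whether one was supplied, never its value.
    log.debug("Found session '{}' cookie: '{}'", CookieService.SESSION_ID_COOKIE_NAME,
            StringHelper.isNotEmpty(sessionIdCookie) ? "present" : "absent");

    CheckSessionResponse response = new CheckSessionResponse("unknown", "");

    SessionId sessionId = sessionIdService.getSessionId(sessionIdCookie);
    if (sessionId != null) {
        response.setState(sessionId.getState().getValue());
        response.setAuthTime(sessionId.getAuthenticationTime());

        String sessionCustomState = sessionId.getSessionAttributes().get(SessionIdService.SESSION_CUSTOM_STATE);
        if (StringHelper.isNotEmpty(sessionCustomState)) {
            response.setCustomState(sessionCustomState);
        }
    }

    String responseJson = ServerUtil.asJson(response);
    // The serialized reply holds state, auth time and custom state only; no session id.
    log.debug("Check session status response: '{}'", responseJson);

    return Response.ok().type(MediaType.APPLICATION_JSON).entity(responseJson).build();
}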
use of org.gluu.oxauth.model.common.SessionId in project oxAuth by GluuFederation.
the class U2fRegistrationWS method isCurrentAuthenticationLevelCorrespondsToU2fLevel.
/**
 * Tells whether the given session was authenticated by a script whose level is at least
 * the level of the custom script named {@code "u2f"}.
 *
 * <p>The check fails closed: an unknown session, a session without an ACR string, or a
 * missing {@code "u2f"} script configuration all yield {@code false}. The ACR string is
 * split on single spaces and one matching entry is enough to return {@code true}.
 *
 * @param session session identifier to look up
 * @return {@code true} if any ACR value of the session names a script with level
 *         {@code >=} the {@code "u2f"} script's level, {@code false} otherwise
 */
private boolean isCurrentAuthenticationLevelCorrespondsToU2fLevel(String session) {
    SessionId currentSession = sessionIdService.getSessionId(session);
    if (currentSession == null) {
        return false;
    }

    String acrValues = sessionIdService.getAcr(currentSession);
    if (acrValues == null) {
        return false;
    }

    CustomScriptConfiguration u2fScript = service.getCustomScriptConfigurationByName("u2f");
    if (u2fScript == null) {
        return false;
    }

    for (String acr : acrValues.split(" ")) {
        CustomScriptConfiguration candidate = service.getCustomScriptConfigurationByName(acr);
        // ACR values that do not map to a configured script are ignored rather than trusted.
        if (candidate != null && candidate.getLevel() >= u2fScript.getLevel()) {
            return true;
        }
    }
    return false;
}
use of org.gluu.oxauth.model.common.SessionId in project oxAuth by GluuFederation.
the class SessionIdServiceTest method statePersistence.
/**
 * Verifies that a session's state and attributes are still there after
 * {@code updateSessionId} followed by a fresh {@code getSessionId} lookup.
 *
 * @param userInum inum of the test user, supplied through the {@code userInum} test parameter
 */
@Parameters({ "userInum" })
@Test
public void statePersistence(String userInum) {
    String dn = userService.getDnForUser(userInum);

    // A newly generated authenticated session must report AUTHENTICATED straight away.
    SessionId created = m_service.generateAuthenticatedSessionId(null, dn);
    Assert.assertEquals(created.getState(), SessionIdState.AUTHENTICATED);

    // Attach one attribute and write the session back through the service.
    Map<String, String> attributes = new HashMap<>();
    attributes.put("k1", "v1");
    created.setSessionAttributes(attributes);
    m_service.updateSessionId(created);

    // Read it back by id: both the state and the attribute must be present.
    final SessionId reloaded = m_service.getSessionId(created.getId());
    Assert.assertEquals(reloaded.getState(), SessionIdState.AUTHENTICATED);
    Assert.assertTrue(reloaded.getSessionAttributes().containsKey("k1"));
    Assert.assertTrue(reloaded.getSessionAttributes().containsValue("v1"));
}
use of org.gluu.oxauth.model.common.SessionId in project oxAuth by GluuFederation.
the class CacheGrantManual method testState.
/**
 * Builds a throwaway {@code SessionId} fixture: fixed user DN, a random UUID as id,
 * the current time as last-used timestamp and a single session attribute.
 *
 * @return the populated fixture
 */
private static SessionId testState() {
    SessionId session = new SessionId();
    session.setUserDn("userDn");
    session.setId(UUID.randomUUID().toString());
    session.setLastUsedAt(new Date());

    HashMap<String, String> attributes = new HashMap<>();
    attributes.put("mapKey", "mapValue");
    session.setSessionAttributes(attributes);

    return session;
}
use of org.gluu.oxauth.model.common.SessionId in project oxAuth by GluuFederation.
the class SessionIdService method generateAuthenticatedSessionId.
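/**
 * Creates a session in the {@code AUTHENTICATED} state for the given user and, when the
 * external application-session service is enabled, lets its start-session scripts veto it.
 *
 * @param httpRequest request passed to the external start-session scripts and attached to
 *        the {@code AUTHENTICATED} session event
 * @param userDn DN of the user the session is generated for
 * @param sessionIdAttributes attributes passed through to {@code generateSessionId}
 * @return the generated session
 * @throws InvalidSessionStateException if the external start-session scripts return {@code false}
 */
public SessionId generateAuthenticatedSessionId(HttpServletRequest httpRequest, String userDn, Map<String, String> sessionIdAttributes) throws InvalidSessionStateException {
    SessionId sessionId = generateSessionId(userDn, new Date(), SessionIdState.AUTHENTICATED, sessionIdAttributes, true);

    // NOTE(review): the session is generated and the active user reported before the external
    // scripts are consulted, so a vetoed session has already been counted. Confirm this is intended.
    reportActiveUser(sessionId);

    if (externalApplicationSessionService.isEnabled()) {
        String userName = sessionId.getSessionAttributes().get(Constants.AUTHENTICATED_USER);
        boolean externalResult = externalApplicationSessionService.executeExternalStartSessionMethods(httpRequest, sessionId);
        // Two placeholders, two arguments: the second one carries the script's decision, so the
        // log shows whether the session was allowed or refused.
        log.info("Start session result for '{}': '{}'", userName, externalResult);

        if (!externalResult) {
            // Undo the login before signalling the refusal to the caller.
            // NOTE(review): exact effect of reinitLogin(sessionId, true) is not visible here.
            reinitLogin(sessionId, true);
            throw new InvalidSessionStateException("Session creation is prohibited by external session script!");
        }

        externalEvent(new SessionEvent(SessionEventType.AUTHENTICATED, sessionId).setHttpRequest(httpRequest));
    }

    return sessionId;
}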