Examples with MapUserSessionProvider - org.keycloak.models.map.userSession.MapUserSessionProvider

Example 1 with MapUserSessionProvider

use of org.keycloak.models.map.userSession.MapUserSessionProvider in project keycloak by keycloak.

the class UserSessionProviderModelTest method testExpiredClientSessions.

@Test
public void testExpiredClientSessions() {
    // Suspend periodic tasks to avoid race-conditions, which may cause missing updates of lastSessionRefresh times to UserSessionPersisterProvider
    TimerProvider timer = kcSession.getProvider(TimerProvider.class);
    TimerProvider.TimerTaskContext timerTaskCtx = null;
    if (timer != null) {
        timerTaskCtx = timer.cancelTask(PersisterLastSessionRefreshStoreFactory.DB_LSR_PERIODIC_TASK_NAME);
        log.info("Cancelled periodic task " + PersisterLastSessionRefreshStoreFactory.DB_LSR_PERIODIC_TASK_NAME);
        InfinispanTestUtil.setTestingTimeService(kcSession);
    }
    try {
        UserSessionModel[] origSessions = inComittedTransaction(session -> {
            // create some user and client sessions
            return createSessions(session, realmId);
        });
        AtomicReference<List<String>> clientSessionIds = new AtomicReference<>();
        clientSessionIds.set(origSessions[0].getAuthenticatedClientSessions().values().stream().map(AuthenticatedClientSessionModel::getId).collect(Collectors.toList()));
        inComittedTransaction(session -> {
            RealmModel realm = session.realms().getRealm(realmId);
            UserSessionModel userSession = session.sessions().getUserSession(realm, origSessions[0].getId());
            Assert.assertEquals(origSessions[0], userSession);
            AuthenticatedClientSessionModel clientSession = session.sessions().getClientSession(userSession, realm.getClientByClientId("test-app"), origSessions[0].getAuthenticatedClientSessionByClient(realm.getClientByClientId("test-app").getId()).getId(), false);
            Assert.assertEquals(origSessions[0].getAuthenticatedClientSessionByClient(realm.getClientByClientId("test-app").getId()).getId(), clientSession.getId());
            userSession = session.sessions().getUserSession(realm, origSessions[1].getId());
            Assert.assertEquals(origSessions[1], userSession);
        });
        // not possible to expire client session without expiring user sessions with time offset in map storage because
        // expiration in map storage takes min of (clientSessionIdleExpiration, ssoSessionIdleTimeout)
        inComittedTransaction(session -> {
            if (session.getProvider(UserSessionProvider.class) instanceof MapUserSessionProvider) {
                RealmModel realm = session.realms().getRealm(realmId);
                UserSessionModel userSession = session.sessions().getUserSession(realm, origSessions[0].getId());
                userSession.getAuthenticatedClientSessions().values().stream().forEach(clientSession -> {
                    // expire client sessions
                    clientSession.setTimestamp(1);
                });
            } else {
                Time.setOffset(1000);
            }
        });
        inComittedTransaction(session -> {
            RealmModel realm = session.realms().getRealm(realmId);
            // assert the user session is still there
            UserSessionModel userSession = session.sessions().getUserSession(realm, origSessions[0].getId());
            Assert.assertEquals(origSessions[0], userSession);
            // assert the client sessions are expired
            clientSessionIds.get().forEach(clientSessionId -> {
                Assert.assertNull(session.sessions().getClientSession(userSession, realm.getClientByClientId("test-app"), clientSessionId, false));
                Assert.assertNull(session.sessions().getClientSession(userSession, realm.getClientByClientId("third-party"), clientSessionId, false));
            });
        });
    } finally {
        Time.setOffset(0);
        kcSession.getKeycloakSessionFactory().publish(new ResetTimeOffsetEvent());
        if (timer != null && timerTaskCtx != null) {
            timer.schedule(timerTaskCtx.getRunnable(), timerTaskCtx.getIntervalMillis(), PersisterLastSessionRefreshStoreFactory.DB_LSR_PERIODIC_TASK_NAME);
            InfinispanTestUtil.revertTimeService();
        }
    }
}

Also used : RealmModel(org.keycloak.models.RealmModel) UserSessionProvider(org.keycloak.models.UserSessionProvider) MapUserSessionProvider(org.keycloak.models.map.userSession.MapUserSessionProvider) UserSessionModel(org.keycloak.models.UserSessionModel) ResetTimeOffsetEvent(org.keycloak.models.utils.ResetTimeOffsetEvent) AuthenticatedClientSessionModel(org.keycloak.models.AuthenticatedClientSessionModel) MapUserSessionProvider(org.keycloak.models.map.userSession.MapUserSessionProvider) TimerProvider(org.keycloak.timer.TimerProvider) List(java.util.List) AtomicReference(java.util.concurrent.atomic.AtomicReference) Test(org.junit.Test) KeycloakModelTest(org.keycloak.testsuite.model.KeycloakModelTest)

Aggregations

List (java.util.List)1 AtomicReference (java.util.concurrent.atomic.AtomicReference)1 Test (org.junit.Test)1 AuthenticatedClientSessionModel (org.keycloak.models.AuthenticatedClientSessionModel)1 RealmModel (org.keycloak.models.RealmModel)1 UserSessionModel (org.keycloak.models.UserSessionModel)1 UserSessionProvider (org.keycloak.models.UserSessionProvider)1 MapUserSessionProvider (org.keycloak.models.map.userSession.MapUserSessionProvider)1 ResetTimeOffsetEvent (org.keycloak.models.utils.ResetTimeOffsetEvent)1 KeycloakModelTest (org.keycloak.testsuite.model.KeycloakModelTest)1 TimerProvider (org.keycloak.timer.TimerProvider)1