Search in sources :

Example 1 with SessionExtenderProcessor

use of org.wso2.carbon.identity.application.authentication.framework.session.extender.processor.SessionExtenderProcessor in project carbon-identity-framework by wso2.

the class FrameworkServiceComponent method activate.

@SuppressWarnings("unchecked")
@Activate
protected void activate(ComponentContext ctxt) {
    FrameworkServiceDataHolder dataHolder = FrameworkServiceDataHolder.getInstance();
    dataHolder.setJsFunctionRegistry(new JsFunctionRegistryImpl());
    BundleContext bundleContext = ctxt.getBundleContext();
    bundleContext.registerService(JsFunctionRegistry.class, dataHolder.getJsFunctionRegistry(), null);
    bundleContext.registerService(UserSessionManagementService.class.getName(), new UserSessionManagementServiceImpl(), null);
    bundleContext.registerService(HttpIdentityRequestFactory.class.getName(), new SessionExtenderRequestFactory(), null);
    bundleContext.registerService(HttpIdentityResponseFactory.class.getName(), new SessionExtenderResponseFactory(), null);
    bundleContext.registerService(IdentityProcessor.class.getName(), new SessionExtenderProcessor(), null);
    ServerSessionManagementService serverSessionManagementService = new ServerSessionManagementServiceImpl();
    bundleContext.registerService(ServerSessionManagementService.class.getName(), serverSessionManagementService, null);
    dataHolder.setServerSessionManagementService(serverSessionManagementService);
    setAdaptiveAuthExecutionSupervisor();
    boolean tenantDropdownEnabled = ConfigurationFacade.getInstance().getTenantDropdownEnabled();
    if (tenantDropdownEnabled) {
        // Register the tenant management listener for tracking changes to tenants
        bundleContext.registerService(TenantMgtListener.class.getName(), new AuthenticationEndpointTenantActivityListener(), null);
        if (log.isDebugEnabled()) {
            log.debug("AuthenticationEndpointTenantActivityListener is registered. Tenant Domains Dropdown is " + "enabled.");
        }
    }
    AuthenticationMethodNameTranslatorImpl authenticationMethodNameTranslator = new AuthenticationMethodNameTranslatorImpl();
    authenticationMethodNameTranslator.initializeConfigsWithServerConfig();
    bundleContext.registerService(AuthenticationMethodNameTranslator.class, authenticationMethodNameTranslator, null);
    dataHolder.setAuthenticationMethodNameTranslator(authenticationMethodNameTranslator);
    // Register Common servlet
    Servlet commonAuthServlet = new ContextPathServletAdaptor(new CommonAuthenticationServlet(), COMMON_SERVLET_URL);
    Servlet identityServlet = new ContextPathServletAdaptor(new IdentityServlet(), IDENTITY_SERVLET_URL);
    Servlet loginContextServlet = new ContextPathServletAdaptor(new LoginContextServlet(), LOGIN_CONTEXT_SERVLET_URL);
    try {
        httpService.registerServlet(COMMON_SERVLET_URL, commonAuthServlet, null, null);
        httpService.registerServlet(IDENTITY_SERVLET_URL, identityServlet, null, null);
        httpService.registerServlet(LOGIN_CONTEXT_SERVLET_URL, loginContextServlet, null, null);
    } catch (Exception e) {
        String errMsg = "Error when registering servlets via the HttpService.";
        log.error(errMsg, e);
        throw new RuntimeException(errMsg, e);
    }
    if (promptOnLongWait()) {
        Servlet longWaitStatusServlet = new ContextPathServletAdaptor(new LongWaitStatusServlet(), LONGWAITSTATUS_SERVLET_URL);
        try {
            httpService.registerServlet(LONGWAITSTATUS_SERVLET_URL, longWaitStatusServlet, null, null);
        } catch (Exception e) {
            String errMsg = "Error when registering longwaitstatus servlet via the HttpService.";
            log.error(errMsg, e);
            throw new RuntimeException(errMsg, e);
        }
    }
    dataHolder.setBundleContext(bundleContext);
    dataHolder.getHttpIdentityRequestFactories().add(new HttpIdentityRequestFactory());
    dataHolder.getHttpIdentityResponseFactories().add(new FrameworkLoginResponseFactory());
    dataHolder.getHttpIdentityResponseFactories().add(new FrameworkLogoutResponseFactory());
    JsGraphBuilderFactory jsGraphBuilderFactory = new JsGraphBuilderFactory();
    jsGraphBuilderFactory.init();
    UIBasedConfigurationLoader uiBasedConfigurationLoader = new UIBasedConfigurationLoader();
    dataHolder.setSequenceLoader(uiBasedConfigurationLoader);
    dataHolder.setJsGraphBuilderFactory(jsGraphBuilderFactory);
    PostAuthenticationMgtService postAuthenticationMgtService = new PostAuthenticationMgtService();
    bundleContext.registerService(PostAuthenticationMgtService.class.getName(), postAuthenticationMgtService, null);
    dataHolder.setPostAuthenticationMgtService(postAuthenticationMgtService);
    // Registering missing mandatory claim handler as a post authn handler
    PostAuthenticationHandler postAuthnMissingClaimHandler = new PostAuthnMissingClaimHandler();
    bundleContext.registerService(PostAuthenticationHandler.class.getName(), postAuthnMissingClaimHandler, null);
    SSOConsentService ssoConsentService = new SSOConsentServiceImpl();
    bundleContext.registerService(SSOConsentService.class.getName(), ssoConsentService, null);
    dataHolder.setSSOConsentService(ssoConsentService);
    bundleContext.registerService(PostAuthenticationHandler.class.getName(), consentMgtPostAuthnHandler, null);
    JITProvisioningIdentityProviderMgtListener jitProvisioningIDPMgtListener = new JITProvisioningIdentityProviderMgtListener();
    bundleContext.registerService(IdentityProviderMgtListener.class.getName(), jitProvisioningIDPMgtListener, null);
    bundleContext.registerService(ClaimFilter.class.getName(), new DefaultClaimFilter(), null);
    // this is done to load SessionDataStore class and start the cleanup tasks.
    SessionDataStore.getInstance();
    AsyncSequenceExecutor asyncSequenceExecutor = new AsyncSequenceExecutor();
    asyncSequenceExecutor.init();
    dataHolder.setAsyncSequenceExecutor(asyncSequenceExecutor);
    LongWaitStatusDAOImpl daoImpl = new LongWaitStatusDAOImpl();
    CacheBackedLongWaitStatusDAO cacheBackedDao = new CacheBackedLongWaitStatusDAO(daoImpl);
    String connectionTimeoutString = IdentityUtil.getProperty("AdaptiveAuth.HTTPConnectionTimeout");
    int connectionTimeout = 5000;
    if (connectionTimeoutString != null) {
        try {
            connectionTimeout = Integer.parseInt(connectionTimeoutString);
        } catch (NumberFormatException e) {
            log.error("Error while parsing connection timeout : " + connectionTimeoutString, e);
        }
    }
    LongWaitStatusStoreService longWaitStatusStoreService = new LongWaitStatusStoreService(cacheBackedDao, connectionTimeout);
    dataHolder.setLongWaitStatusStoreService(longWaitStatusStoreService);
    // Registering JIT, association and domain handler as post authentication handler
    PostAuthenticationHandler postJITProvisioningHandler = JITProvisioningPostAuthenticationHandler.getInstance();
    bundleContext.registerService(PostAuthenticationHandler.class.getName(), postJITProvisioningHandler, null);
    PostAuthenticationHandler postAuthAssociationHandler = PostAuthAssociationHandler.getInstance();
    bundleContext.registerService(PostAuthenticationHandler.class.getName(), postAuthAssociationHandler, null);
    PostAuthenticationHandler postAuthenticatedUserDomainHandler = PostAuthenticatedSubjectIdentifierHandler.getInstance();
    bundleContext.registerService(PostAuthenticationHandler.class.getName(), postAuthenticatedUserDomainHandler, null);
    if (log.isDebugEnabled()) {
        log.debug("Application Authentication Framework bundle is activated");
    }
    /**
     * Load and reade the require.js file in resources.
     */
    this.loadCodeForRequire();
    // Set user session mapping enabled.
    FrameworkServiceDataHolder.getInstance().setUserSessionMappingEnabled(FrameworkUtils.isUserSessionMappingEnabled());
    if (FrameworkServiceDataHolder.getInstance().getSessionSerializer() == null) {
        FrameworkServiceDataHolder.getInstance().setSessionSerializer(new JavaSessionSerializer());
    }
    bundleContext.registerService(ApplicationAuthenticationService.class.getName(), new ApplicationAuthenticationService(), null);
// Note : DO NOT add any activation related code below this point,
// to make sure the server doesn't start up if any activation failures
}
Also used : JsGraphBuilderFactory(org.wso2.carbon.identity.application.authentication.framework.config.model.graph.JsGraphBuilderFactory) SessionExtenderProcessor(org.wso2.carbon.identity.application.authentication.framework.session.extender.processor.SessionExtenderProcessor) JsFunctionRegistryImpl(org.wso2.carbon.identity.application.authentication.framework.config.model.graph.JsFunctionRegistryImpl) CommonAuthenticationServlet(org.wso2.carbon.identity.application.authentication.framework.servlet.CommonAuthenticationServlet) AsyncSequenceExecutor(org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.AsyncSequenceExecutor) JavaSessionSerializer(org.wso2.carbon.identity.application.authentication.framework.store.JavaSessionSerializer) ServerSessionManagementServiceImpl(org.wso2.carbon.identity.application.authentication.framework.internal.impl.ServerSessionManagementServiceImpl) AuthenticationMethodNameTranslatorImpl(org.wso2.carbon.identity.application.authentication.framework.internal.impl.AuthenticationMethodNameTranslatorImpl) ApplicationAuthenticationService(org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticationService) DefaultClaimFilter(org.wso2.carbon.identity.application.authentication.framework.handler.claims.impl.DefaultClaimFilter) LongWaitStatusServlet(org.wso2.carbon.identity.application.authentication.framework.servlet.LongWaitStatusServlet) TenantMgtListener(org.wso2.carbon.stratos.common.listeners.TenantMgtListener) LoginContextServlet(org.wso2.carbon.identity.application.authentication.framework.servlet.LoginContextServlet) UIBasedConfigurationLoader(org.wso2.carbon.identity.application.authentication.framework.config.loader.UIBasedConfigurationLoader) JITProvisioningIdentityProviderMgtListener(org.wso2.carbon.identity.application.authentication.framework.handler.provisioning.listener.JITProvisioningIdentityProviderMgtListener) CacheBackedLongWaitStatusDAO(org.wso2.carbon.identity.application.authentication.framework.dao.impl.CacheBackedLongWaitStatusDAO) LongWaitStatusStoreService(org.wso2.carbon.identity.application.authentication.framework.store.LongWaitStatusStoreService) IdentityProcessor(org.wso2.carbon.identity.application.authentication.framework.inbound.IdentityProcessor) Servlet(javax.servlet.Servlet) CommonAuthenticationServlet(org.wso2.carbon.identity.application.authentication.framework.servlet.CommonAuthenticationServlet) IdentityServlet(org.wso2.carbon.identity.application.authentication.framework.inbound.IdentityServlet) LoginContextServlet(org.wso2.carbon.identity.application.authentication.framework.servlet.LoginContextServlet) LongWaitStatusServlet(org.wso2.carbon.identity.application.authentication.framework.servlet.LongWaitStatusServlet) UserSessionManagementServiceImpl(org.wso2.carbon.identity.application.authentication.framework.internal.impl.UserSessionManagementServiceImpl) HttpIdentityRequestFactory(org.wso2.carbon.identity.application.authentication.framework.inbound.HttpIdentityRequestFactory) IdentityServlet(org.wso2.carbon.identity.application.authentication.framework.inbound.IdentityServlet) ClaimFilter(org.wso2.carbon.identity.application.authentication.framework.handler.claims.ClaimFilter) DefaultClaimFilter(org.wso2.carbon.identity.application.authentication.framework.handler.claims.impl.DefaultClaimFilter) PostAuthenticationMgtService(org.wso2.carbon.identity.application.authentication.framework.services.PostAuthenticationMgtService) SessionExtenderRequestFactory(org.wso2.carbon.identity.application.authentication.framework.session.extender.request.SessionExtenderRequestFactory) FrameworkLogoutResponseFactory(org.wso2.carbon.identity.application.authentication.framework.inbound.FrameworkLogoutResponseFactory) UserSessionManagementService(org.wso2.carbon.identity.application.authentication.framework.UserSessionManagementService) FrameworkLoginResponseFactory(org.wso2.carbon.identity.application.authentication.framework.inbound.FrameworkLoginResponseFactory) SSOConsentService(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.SSOConsentService) IdentityProviderMgtListener(org.wso2.carbon.idp.mgt.listener.IdentityProviderMgtListener) JITProvisioningIdentityProviderMgtListener(org.wso2.carbon.identity.application.authentication.framework.handler.provisioning.listener.JITProvisioningIdentityProviderMgtListener) SessionExtenderResponseFactory(org.wso2.carbon.identity.application.authentication.framework.session.extender.response.SessionExtenderResponseFactory) PostAuthnMissingClaimHandler(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.PostAuthnMissingClaimHandler) IOException(java.io.IOException) FrameworkException(org.wso2.carbon.identity.application.authentication.framework.exception.FrameworkException) ContextPathServletAdaptor(org.eclipse.equinox.http.helper.ContextPathServletAdaptor) LongWaitStatusDAOImpl(org.wso2.carbon.identity.application.authentication.framework.dao.impl.LongWaitStatusDAOImpl) AuthenticationEndpointTenantActivityListener(org.wso2.carbon.identity.application.authentication.framework.listener.AuthenticationEndpointTenantActivityListener) HttpIdentityResponseFactory(org.wso2.carbon.identity.application.authentication.framework.inbound.HttpIdentityResponseFactory) ServerSessionManagementService(org.wso2.carbon.identity.application.authentication.framework.ServerSessionManagementService) SSOConsentServiceImpl(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.SSOConsentServiceImpl) BundleContext(org.osgi.framework.BundleContext) JITProvisioningPostAuthenticationHandler(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.JITProvisioningPostAuthenticationHandler) PostAuthenticationHandler(org.wso2.carbon.identity.application.authentication.framework.handler.request.PostAuthenticationHandler) Activate(org.osgi.service.component.annotations.Activate)

Example 2 with SessionExtenderProcessor

use of org.wso2.carbon.identity.application.authentication.framework.session.extender.processor.SessionExtenderProcessor in project carbon-identity-framework by wso2.

the class SessionExtenderProcessor method getSessionKey.

private String getSessionKey(SessionExtenderRequest sessionExtenderRequest) throws SessionExtenderClientException {
    String sessionKeyFromParam = getSessionKeyFromParameters(sessionExtenderRequest);
    String sessionKeyFromCookie = getSessionKeyFromCookie(sessionExtenderRequest);
    // When both the cookie and parameter are present, check whether they match.
    if (sessionKeyFromParam != null && sessionKeyFromCookie != null) {
        if (!sessionKeyFromParam.equals(sessionKeyFromCookie)) {
            throw new SessionExtenderClientException(SessionExtenderConstants.Error.CONFLICT.getCode(), SessionExtenderConstants.Error.CONFLICT.getMessage(), "Session key mismatch between cookie and parameter values.");
        }
    }
    if (sessionKeyFromParam != null) {
        if (log.isDebugEnabled()) {
            log.debug("SessionExtenderProcessor proceeding with the sessionKey in the request. Identified session: " + sessionKeyFromParam);
        }
        return sessionKeyFromParam;
    } else if (sessionKeyFromCookie != null) {
        if (log.isDebugEnabled()) {
            log.debug("SessionExtenderProcessor proceeding with the sessionCookie in the request. Identified " + "session: " + sessionKeyFromCookie);
        }
        return sessionKeyFromCookie;
    } else {
        throw new SessionExtenderClientException(SessionExtenderConstants.Error.INVALID_REQUEST.getCode(), SessionExtenderConstants.Error.INVALID_REQUEST.getMessage(), "No session key or cookie available for processing.");
    }
}
Also used : SessionExtenderClientException(org.wso2.carbon.identity.application.authentication.framework.session.extender.exception.SessionExtenderClientException)

Example 3 with SessionExtenderProcessor

use of org.wso2.carbon.identity.application.authentication.framework.session.extender.processor.SessionExtenderProcessor in project carbon-identity-framework by wso2.

the class SessionExtenderProcessor method process.

@Override
public IdentityResponse.IdentityResponseBuilder process(IdentityRequest identityRequest) throws SessionExtenderClientException {
    if (log.isDebugEnabled()) {
        log.debug("Request processing started by SessionExtenderProcessor.");
    }
    SessionExtenderRequest sessionExtenderRequest = (SessionExtenderRequest) identityRequest;
    String tenantDomain = sessionExtenderRequest.getTenantDomain();
    String sessionKey = getSessionKey(sessionExtenderRequest);
    SessionContextCacheKey sessionContextCacheKey = new SessionContextCacheKey(sessionKey);
    SessionContextCacheEntry sessionContextCacheEntry = SessionContextCache.getInstance().getSessionContextCacheEntry(sessionContextCacheKey, tenantDomain);
    if (sessionContextCacheEntry == null) {
        if (log.isDebugEnabled()) {
            log.debug("No session available for requested session identifier: " + sessionKey);
        }
        throw new SessionExtenderClientException(SessionExtenderConstants.Error.SESSION_NOT_AVAILABLE.getCode(), SessionExtenderConstants.Error.SESSION_NOT_AVAILABLE.getMessage(), "No session available for requested session identifier.");
    }
    SessionContext sessionContext = sessionContextCacheEntry.getContext();
    long currentTime = System.currentTimeMillis();
    FrameworkUtils.updateSessionLastAccessTimeMetadata(sessionKey, currentTime);
    FrameworkUtils.addSessionContextToCache(sessionKey, sessionContext, tenantDomain, tenantDomain);
    String traceId = FrameworkUtils.getCorrelation();
    fireEvent(sessionKey, sessionContext, tenantDomain, traceId);
    addAuditLogs(sessionKey, tenantDomain, traceId);
    SessionExtenderResponse.SessionExtenderResponseBuilder responseBuilder = new SessionExtenderResponse.SessionExtenderResponseBuilder();
    responseBuilder.setTraceId(traceId);
    return responseBuilder;
}
Also used : SessionExtenderResponse(org.wso2.carbon.identity.application.authentication.framework.session.extender.response.SessionExtenderResponse) SessionExtenderClientException(org.wso2.carbon.identity.application.authentication.framework.session.extender.exception.SessionExtenderClientException) SessionContextCacheEntry(org.wso2.carbon.identity.application.authentication.framework.cache.SessionContextCacheEntry) SessionContext(org.wso2.carbon.identity.application.authentication.framework.context.SessionContext) SessionContextCacheKey(org.wso2.carbon.identity.application.authentication.framework.cache.SessionContextCacheKey) SessionExtenderRequest(org.wso2.carbon.identity.application.authentication.framework.session.extender.request.SessionExtenderRequest)

Aggregations

SessionExtenderClientException (org.wso2.carbon.identity.application.authentication.framework.session.extender.exception.SessionExtenderClientException)2 IOException (java.io.IOException)1 Servlet (javax.servlet.Servlet)1 ContextPathServletAdaptor (org.eclipse.equinox.http.helper.ContextPathServletAdaptor)1 BundleContext (org.osgi.framework.BundleContext)1 Activate (org.osgi.service.component.annotations.Activate)1 ApplicationAuthenticationService (org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticationService)1 ServerSessionManagementService (org.wso2.carbon.identity.application.authentication.framework.ServerSessionManagementService)1 UserSessionManagementService (org.wso2.carbon.identity.application.authentication.framework.UserSessionManagementService)1 SessionContextCacheEntry (org.wso2.carbon.identity.application.authentication.framework.cache.SessionContextCacheEntry)1 SessionContextCacheKey (org.wso2.carbon.identity.application.authentication.framework.cache.SessionContextCacheKey)1 UIBasedConfigurationLoader (org.wso2.carbon.identity.application.authentication.framework.config.loader.UIBasedConfigurationLoader)1 JsFunctionRegistryImpl (org.wso2.carbon.identity.application.authentication.framework.config.model.graph.JsFunctionRegistryImpl)1 JsGraphBuilderFactory (org.wso2.carbon.identity.application.authentication.framework.config.model.graph.JsGraphBuilderFactory)1 SessionContext (org.wso2.carbon.identity.application.authentication.framework.context.SessionContext)1 CacheBackedLongWaitStatusDAO (org.wso2.carbon.identity.application.authentication.framework.dao.impl.CacheBackedLongWaitStatusDAO)1 LongWaitStatusDAOImpl (org.wso2.carbon.identity.application.authentication.framework.dao.impl.LongWaitStatusDAOImpl)1 FrameworkException (org.wso2.carbon.identity.application.authentication.framework.exception.FrameworkException)1 ClaimFilter (org.wso2.carbon.identity.application.authentication.framework.handler.claims.ClaimFilter)1 DefaultClaimFilter (org.wso2.carbon.identity.application.authentication.framework.handler.claims.impl.DefaultClaimFilter)1