Examples with SessionExtenderRequest org.wso2.carbon.identity.application.authentication.framework.session.extender.request.SessionExtenderRequest used on opensource projects

Example 1 with SessionExtenderRequest

use of org.wso2.carbon.identity.application.authentication.framework.session.extender.request.SessionExtenderRequest in project carbon-identity-framework by wso2.

the class SessionExtenderProcessor method getSessionKey.

private String getSessionKey(SessionExtenderRequest sessionExtenderRequest) throws SessionExtenderClientException {
    String sessionKeyFromParam = getSessionKeyFromParameters(sessionExtenderRequest);
    String sessionKeyFromCookie = getSessionKeyFromCookie(sessionExtenderRequest);
    // When both the cookie and parameter are present, check whether they match.
    if (sessionKeyFromParam != null && sessionKeyFromCookie != null) {
        if (!sessionKeyFromParam.equals(sessionKeyFromCookie)) {
            throw new SessionExtenderClientException(SessionExtenderConstants.Error.CONFLICT.getCode(), SessionExtenderConstants.Error.CONFLICT.getMessage(), "Session key mismatch between cookie and parameter values.");
        }
    }
    if (sessionKeyFromParam != null) {
        if (log.isDebugEnabled()) {
            log.debug("SessionExtenderProcessor proceeding with the sessionKey in the request. Identified session: " + sessionKeyFromParam);
        }
        return sessionKeyFromParam;
    } else if (sessionKeyFromCookie != null) {
        if (log.isDebugEnabled()) {
            log.debug("SessionExtenderProcessor proceeding with the sessionCookie in the request. Identified " + "session: " + sessionKeyFromCookie);
        }
        return sessionKeyFromCookie;
    } else {
        throw new SessionExtenderClientException(SessionExtenderConstants.Error.INVALID_REQUEST.getCode(), SessionExtenderConstants.Error.INVALID_REQUEST.getMessage(), "No session key or cookie available for processing.");
    }
}

Example 2 with SessionExtenderRequest

use of org.wso2.carbon.identity.application.authentication.framework.session.extender.request.SessionExtenderRequest in project carbon-identity-framework by wso2.

the class SessionExtenderProcessorTest method testCanHandle.

@Test
public void testCanHandle() {
    SessionExtenderRequest sessionExtenderRequest = mock(SessionExtenderRequest.class);
    assertTrue(sessionExtenderProcessor.canHandle(sessionExtenderRequest), "Cannot handle valid " + "SessionExtenderRequest.");
}

Example 3 with SessionExtenderRequest

use of org.wso2.carbon.identity.application.authentication.framework.session.extender.request.SessionExtenderRequest in project carbon-identity-framework by wso2.

the class SessionExtenderProcessor method process.

@Override
public IdentityResponse.IdentityResponseBuilder process(IdentityRequest identityRequest) throws SessionExtenderClientException {
    if (log.isDebugEnabled()) {
        log.debug("Request processing started by SessionExtenderProcessor.");
    }
    SessionExtenderRequest sessionExtenderRequest = (SessionExtenderRequest) identityRequest;
    String tenantDomain = sessionExtenderRequest.getTenantDomain();
    String sessionKey = getSessionKey(sessionExtenderRequest);
    SessionContextCacheKey sessionContextCacheKey = new SessionContextCacheKey(sessionKey);
    SessionContextCacheEntry sessionContextCacheEntry = SessionContextCache.getInstance().getSessionContextCacheEntry(sessionContextCacheKey, tenantDomain);
    if (sessionContextCacheEntry == null) {
        if (log.isDebugEnabled()) {
            log.debug("No session available for requested session identifier: " + sessionKey);
        }
        throw new SessionExtenderClientException(SessionExtenderConstants.Error.SESSION_NOT_AVAILABLE.getCode(), SessionExtenderConstants.Error.SESSION_NOT_AVAILABLE.getMessage(), "No session available for requested session identifier.");
    }
    SessionContext sessionContext = sessionContextCacheEntry.getContext();
    long currentTime = System.currentTimeMillis();
    FrameworkUtils.updateSessionLastAccessTimeMetadata(sessionKey, currentTime);
    FrameworkUtils.addSessionContextToCache(sessionKey, sessionContext, tenantDomain, tenantDomain);
    String traceId = FrameworkUtils.getCorrelation();
    fireEvent(sessionKey, sessionContext, tenantDomain, traceId);
    addAuditLogs(sessionKey, tenantDomain, traceId);
    SessionExtenderResponse.SessionExtenderResponseBuilder responseBuilder = new SessionExtenderResponse.SessionExtenderResponseBuilder();
    responseBuilder.setTraceId(traceId);
    return responseBuilder;
}

Example 4 with SessionExtenderRequest

use of org.wso2.carbon.identity.application.authentication.framework.session.extender.request.SessionExtenderRequest in project carbon-identity-framework by wso2.

the class SessionExtenderRequestFactory method create.

@Override
public IdentityRequest.IdentityRequestBuilder create(HttpServletRequest request, HttpServletResponse response) throws FrameworkClientException {
    if (log.isDebugEnabled()) {
        log.debug("SessionExtenderRequest creation initiated by the factory.");
    }
    SessionExtenderRequest.SessionExtenderRequestBuilder builder = new SessionExtenderRequest.SessionExtenderRequestBuilder(request, response);
    super.create(builder, request, response);
    String sessionKeyValue = request.getParameter(SESSION_ID_PARAM_NAME);
    if (sessionKeyValue != null) {
        builder.setSessionKey(sessionKeyValue);
    }
    Cookie commonAuthCookie = FrameworkUtils.getAuthCookie(request);
    if (commonAuthCookie != null) {
        builder.setSessionCookie(commonAuthCookie);
    }
    if (sessionKeyValue == null && commonAuthCookie == null) {
        throw new SessionExtenderClientException(SessionExtenderConstants.Error.INVALID_REQUEST.getCode(), SessionExtenderConstants.Error.INVALID_REQUEST.getMessage(), "No session identifier parameter or cookie present in request.");
    }
    return builder;
}

Example 5 with SessionExtenderRequest

use of org.wso2.carbon.identity.application.authentication.framework.session.extender.request.SessionExtenderRequest in project carbon-identity-framework by wso2.

the class SessionExtenderProcessorTest method testProcessWithSessionKey.

@Test(expectedExceptions = NullPointerException.class)
public void testProcessWithSessionKey() throws Exception {
    mockStatic(SessionContextCache.class);
    SessionExtenderRequest sessionExtenderRequest = mock(SessionExtenderRequest.class);
    SessionContextCache sessionContextCache = mock(SessionContextCache.class);
    SessionContextCacheKey sessionContextCacheKey = mock(SessionContextCacheKey.class);
    SessionContextCacheEntry sessionContextCacheEntry = mock(SessionContextCacheEntry.class);
    SessionContext sessionContext = mock(SessionContext.class);
    whenNew(SessionContextCacheKey.class).withArguments(anyString()).thenReturn(sessionContextCacheKey);
    when(sessionExtenderRequest.getTenantDomain()).thenReturn(TENANT_DOMAIN);
    when(sessionExtenderRequest.getSessionKey()).thenReturn(IDP_SESSION_KEY);
    when(SessionContextCache.getInstance()).thenReturn(sessionContextCache);
    when(sessionContextCache.getSessionContextCacheEntry(anyObject(), anyString())).thenReturn(sessionContextCacheEntry);
    when(sessionContextCacheEntry.getContext()).thenReturn(sessionContext);
    SessionExtenderResponse.SessionExtenderResponseBuilder responseBuilder = (SessionExtenderResponse.SessionExtenderResponseBuilder) sessionExtenderProcessor.process(sessionExtenderRequest);
    SessionExtenderResponse response = responseBuilder.build();
    assertNotNull(response.getTraceId(), "Error creating successful response.");
}