Search in sources :

Example 1 with SessionExtenderRequest

use of org.wso2.carbon.identity.application.authentication.framework.session.extender.request.SessionExtenderRequest in project carbon-identity-framework by wso2.

the class SessionExtenderProcessor method getSessionKey.

private String getSessionKey(SessionExtenderRequest sessionExtenderRequest) throws SessionExtenderClientException {
    String sessionKeyFromParam = getSessionKeyFromParameters(sessionExtenderRequest);
    String sessionKeyFromCookie = getSessionKeyFromCookie(sessionExtenderRequest);
    // When both the cookie and parameter are present, check whether they match.
    if (sessionKeyFromParam != null && sessionKeyFromCookie != null) {
        if (!sessionKeyFromParam.equals(sessionKeyFromCookie)) {
            throw new SessionExtenderClientException(SessionExtenderConstants.Error.CONFLICT.getCode(), SessionExtenderConstants.Error.CONFLICT.getMessage(), "Session key mismatch between cookie and parameter values.");
        }
    }
    if (sessionKeyFromParam != null) {
        if (log.isDebugEnabled()) {
            log.debug("SessionExtenderProcessor proceeding with the sessionKey in the request. Identified session: " + sessionKeyFromParam);
        }
        return sessionKeyFromParam;
    } else if (sessionKeyFromCookie != null) {
        if (log.isDebugEnabled()) {
            log.debug("SessionExtenderProcessor proceeding with the sessionCookie in the request. Identified " + "session: " + sessionKeyFromCookie);
        }
        return sessionKeyFromCookie;
    } else {
        throw new SessionExtenderClientException(SessionExtenderConstants.Error.INVALID_REQUEST.getCode(), SessionExtenderConstants.Error.INVALID_REQUEST.getMessage(), "No session key or cookie available for processing.");
    }
}
Also used : SessionExtenderClientException(org.wso2.carbon.identity.application.authentication.framework.session.extender.exception.SessionExtenderClientException)

Example 2 with SessionExtenderRequest

use of org.wso2.carbon.identity.application.authentication.framework.session.extender.request.SessionExtenderRequest in project carbon-identity-framework by wso2.

the class SessionExtenderProcessorTest method testCanHandle.

@Test
public void testCanHandle() {
    SessionExtenderRequest sessionExtenderRequest = mock(SessionExtenderRequest.class);
    assertTrue(sessionExtenderProcessor.canHandle(sessionExtenderRequest), "Cannot handle valid " + "SessionExtenderRequest.");
}
Also used : SessionExtenderRequest(org.wso2.carbon.identity.application.authentication.framework.session.extender.request.SessionExtenderRequest) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Example 3 with SessionExtenderRequest

use of org.wso2.carbon.identity.application.authentication.framework.session.extender.request.SessionExtenderRequest in project carbon-identity-framework by wso2.

the class SessionExtenderProcessor method process.

@Override
public IdentityResponse.IdentityResponseBuilder process(IdentityRequest identityRequest) throws SessionExtenderClientException {
    if (log.isDebugEnabled()) {
        log.debug("Request processing started by SessionExtenderProcessor.");
    }
    SessionExtenderRequest sessionExtenderRequest = (SessionExtenderRequest) identityRequest;
    String tenantDomain = sessionExtenderRequest.getTenantDomain();
    String sessionKey = getSessionKey(sessionExtenderRequest);
    SessionContextCacheKey sessionContextCacheKey = new SessionContextCacheKey(sessionKey);
    SessionContextCacheEntry sessionContextCacheEntry = SessionContextCache.getInstance().getSessionContextCacheEntry(sessionContextCacheKey, tenantDomain);
    if (sessionContextCacheEntry == null) {
        if (log.isDebugEnabled()) {
            log.debug("No session available for requested session identifier: " + sessionKey);
        }
        throw new SessionExtenderClientException(SessionExtenderConstants.Error.SESSION_NOT_AVAILABLE.getCode(), SessionExtenderConstants.Error.SESSION_NOT_AVAILABLE.getMessage(), "No session available for requested session identifier.");
    }
    SessionContext sessionContext = sessionContextCacheEntry.getContext();
    long currentTime = System.currentTimeMillis();
    FrameworkUtils.updateSessionLastAccessTimeMetadata(sessionKey, currentTime);
    FrameworkUtils.addSessionContextToCache(sessionKey, sessionContext, tenantDomain, tenantDomain);
    String traceId = FrameworkUtils.getCorrelation();
    fireEvent(sessionKey, sessionContext, tenantDomain, traceId);
    addAuditLogs(sessionKey, tenantDomain, traceId);
    SessionExtenderResponse.SessionExtenderResponseBuilder responseBuilder = new SessionExtenderResponse.SessionExtenderResponseBuilder();
    responseBuilder.setTraceId(traceId);
    return responseBuilder;
}
Also used : SessionExtenderResponse(org.wso2.carbon.identity.application.authentication.framework.session.extender.response.SessionExtenderResponse) SessionExtenderClientException(org.wso2.carbon.identity.application.authentication.framework.session.extender.exception.SessionExtenderClientException) SessionContextCacheEntry(org.wso2.carbon.identity.application.authentication.framework.cache.SessionContextCacheEntry) SessionContext(org.wso2.carbon.identity.application.authentication.framework.context.SessionContext) SessionContextCacheKey(org.wso2.carbon.identity.application.authentication.framework.cache.SessionContextCacheKey) SessionExtenderRequest(org.wso2.carbon.identity.application.authentication.framework.session.extender.request.SessionExtenderRequest)

Example 4 with SessionExtenderRequest

use of org.wso2.carbon.identity.application.authentication.framework.session.extender.request.SessionExtenderRequest in project carbon-identity-framework by wso2.

the class SessionExtenderRequestFactory method create.

@Override
public IdentityRequest.IdentityRequestBuilder create(HttpServletRequest request, HttpServletResponse response) throws FrameworkClientException {
    if (log.isDebugEnabled()) {
        log.debug("SessionExtenderRequest creation initiated by the factory.");
    }
    SessionExtenderRequest.SessionExtenderRequestBuilder builder = new SessionExtenderRequest.SessionExtenderRequestBuilder(request, response);
    super.create(builder, request, response);
    String sessionKeyValue = request.getParameter(SESSION_ID_PARAM_NAME);
    if (sessionKeyValue != null) {
        builder.setSessionKey(sessionKeyValue);
    }
    Cookie commonAuthCookie = FrameworkUtils.getAuthCookie(request);
    if (commonAuthCookie != null) {
        builder.setSessionCookie(commonAuthCookie);
    }
    if (sessionKeyValue == null && commonAuthCookie == null) {
        throw new SessionExtenderClientException(SessionExtenderConstants.Error.INVALID_REQUEST.getCode(), SessionExtenderConstants.Error.INVALID_REQUEST.getMessage(), "No session identifier parameter or cookie present in request.");
    }
    return builder;
}
Also used : Cookie(javax.servlet.http.Cookie) SessionExtenderClientException(org.wso2.carbon.identity.application.authentication.framework.session.extender.exception.SessionExtenderClientException)

Example 5 with SessionExtenderRequest

use of org.wso2.carbon.identity.application.authentication.framework.session.extender.request.SessionExtenderRequest in project carbon-identity-framework by wso2.

the class SessionExtenderProcessorTest method testProcessWithSessionKey.

@Test(expectedExceptions = NullPointerException.class)
public void testProcessWithSessionKey() throws Exception {
    mockStatic(SessionContextCache.class);
    SessionExtenderRequest sessionExtenderRequest = mock(SessionExtenderRequest.class);
    SessionContextCache sessionContextCache = mock(SessionContextCache.class);
    SessionContextCacheKey sessionContextCacheKey = mock(SessionContextCacheKey.class);
    SessionContextCacheEntry sessionContextCacheEntry = mock(SessionContextCacheEntry.class);
    SessionContext sessionContext = mock(SessionContext.class);
    whenNew(SessionContextCacheKey.class).withArguments(anyString()).thenReturn(sessionContextCacheKey);
    when(sessionExtenderRequest.getTenantDomain()).thenReturn(TENANT_DOMAIN);
    when(sessionExtenderRequest.getSessionKey()).thenReturn(IDP_SESSION_KEY);
    when(SessionContextCache.getInstance()).thenReturn(sessionContextCache);
    when(sessionContextCache.getSessionContextCacheEntry(anyObject(), anyString())).thenReturn(sessionContextCacheEntry);
    when(sessionContextCacheEntry.getContext()).thenReturn(sessionContext);
    SessionExtenderResponse.SessionExtenderResponseBuilder responseBuilder = (SessionExtenderResponse.SessionExtenderResponseBuilder) sessionExtenderProcessor.process(sessionExtenderRequest);
    SessionExtenderResponse response = responseBuilder.build();
    assertNotNull(response.getTraceId(), "Error creating successful response.");
}
Also used : SessionExtenderResponse(org.wso2.carbon.identity.application.authentication.framework.session.extender.response.SessionExtenderResponse) SessionContextCacheEntry(org.wso2.carbon.identity.application.authentication.framework.cache.SessionContextCacheEntry) SessionContext(org.wso2.carbon.identity.application.authentication.framework.context.SessionContext) SessionContextCacheKey(org.wso2.carbon.identity.application.authentication.framework.cache.SessionContextCacheKey) SessionContextCache(org.wso2.carbon.identity.application.authentication.framework.cache.SessionContextCache) SessionExtenderRequest(org.wso2.carbon.identity.application.authentication.framework.session.extender.request.SessionExtenderRequest) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Aggregations

SessionExtenderClientException (org.wso2.carbon.identity.application.authentication.framework.session.extender.exception.SessionExtenderClientException)3 SessionExtenderRequest (org.wso2.carbon.identity.application.authentication.framework.session.extender.request.SessionExtenderRequest)3 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)2 Test (org.testng.annotations.Test)2 SessionContextCacheEntry (org.wso2.carbon.identity.application.authentication.framework.cache.SessionContextCacheEntry)2 SessionContextCacheKey (org.wso2.carbon.identity.application.authentication.framework.cache.SessionContextCacheKey)2 SessionContext (org.wso2.carbon.identity.application.authentication.framework.context.SessionContext)2 SessionExtenderResponse (org.wso2.carbon.identity.application.authentication.framework.session.extender.response.SessionExtenderResponse)2 Cookie (javax.servlet.http.Cookie)1 SessionContextCache (org.wso2.carbon.identity.application.authentication.framework.cache.SessionContextCache)1