use of org.wso2.carbon.identity.application.authentication.framework.session.extender.request.SessionExtenderRequest in project carbon-identity-framework by wso2.
the class SessionExtenderProcessor method getSessionKey.
private String getSessionKey(SessionExtenderRequest sessionExtenderRequest) throws SessionExtenderClientException {
String sessionKeyFromParam = getSessionKeyFromParameters(sessionExtenderRequest);
String sessionKeyFromCookie = getSessionKeyFromCookie(sessionExtenderRequest);
// When both the cookie and parameter are present, check whether they match.
if (sessionKeyFromParam != null && sessionKeyFromCookie != null) {
if (!sessionKeyFromParam.equals(sessionKeyFromCookie)) {
throw new SessionExtenderClientException(SessionExtenderConstants.Error.CONFLICT.getCode(), SessionExtenderConstants.Error.CONFLICT.getMessage(), "Session key mismatch between cookie and parameter values.");
}
}
if (sessionKeyFromParam != null) {
if (log.isDebugEnabled()) {
log.debug("SessionExtenderProcessor proceeding with the sessionKey in the request. Identified session: " + sessionKeyFromParam);
}
return sessionKeyFromParam;
} else if (sessionKeyFromCookie != null) {
if (log.isDebugEnabled()) {
log.debug("SessionExtenderProcessor proceeding with the sessionCookie in the request. Identified " + "session: " + sessionKeyFromCookie);
}
return sessionKeyFromCookie;
} else {
throw new SessionExtenderClientException(SessionExtenderConstants.Error.INVALID_REQUEST.getCode(), SessionExtenderConstants.Error.INVALID_REQUEST.getMessage(), "No session key or cookie available for processing.");
}
}
use of org.wso2.carbon.identity.application.authentication.framework.session.extender.request.SessionExtenderRequest in project carbon-identity-framework by wso2.
the class SessionExtenderProcessorTest method testCanHandle.
@Test
public void testCanHandle() {
SessionExtenderRequest sessionExtenderRequest = mock(SessionExtenderRequest.class);
assertTrue(sessionExtenderProcessor.canHandle(sessionExtenderRequest), "Cannot handle valid " + "SessionExtenderRequest.");
}
use of org.wso2.carbon.identity.application.authentication.framework.session.extender.request.SessionExtenderRequest in project carbon-identity-framework by wso2.
the class SessionExtenderProcessor method process.
@Override
public IdentityResponse.IdentityResponseBuilder process(IdentityRequest identityRequest) throws SessionExtenderClientException {
if (log.isDebugEnabled()) {
log.debug("Request processing started by SessionExtenderProcessor.");
}
SessionExtenderRequest sessionExtenderRequest = (SessionExtenderRequest) identityRequest;
String tenantDomain = sessionExtenderRequest.getTenantDomain();
String sessionKey = getSessionKey(sessionExtenderRequest);
SessionContextCacheKey sessionContextCacheKey = new SessionContextCacheKey(sessionKey);
SessionContextCacheEntry sessionContextCacheEntry = SessionContextCache.getInstance().getSessionContextCacheEntry(sessionContextCacheKey, tenantDomain);
if (sessionContextCacheEntry == null) {
if (log.isDebugEnabled()) {
log.debug("No session available for requested session identifier: " + sessionKey);
}
throw new SessionExtenderClientException(SessionExtenderConstants.Error.SESSION_NOT_AVAILABLE.getCode(), SessionExtenderConstants.Error.SESSION_NOT_AVAILABLE.getMessage(), "No session available for requested session identifier.");
}
SessionContext sessionContext = sessionContextCacheEntry.getContext();
long currentTime = System.currentTimeMillis();
FrameworkUtils.updateSessionLastAccessTimeMetadata(sessionKey, currentTime);
FrameworkUtils.addSessionContextToCache(sessionKey, sessionContext, tenantDomain, tenantDomain);
String traceId = FrameworkUtils.getCorrelation();
fireEvent(sessionKey, sessionContext, tenantDomain, traceId);
addAuditLogs(sessionKey, tenantDomain, traceId);
SessionExtenderResponse.SessionExtenderResponseBuilder responseBuilder = new SessionExtenderResponse.SessionExtenderResponseBuilder();
responseBuilder.setTraceId(traceId);
return responseBuilder;
}
use of org.wso2.carbon.identity.application.authentication.framework.session.extender.request.SessionExtenderRequest in project carbon-identity-framework by wso2.
the class SessionExtenderRequestFactory method create.
@Override
public IdentityRequest.IdentityRequestBuilder create(HttpServletRequest request, HttpServletResponse response) throws FrameworkClientException {
if (log.isDebugEnabled()) {
log.debug("SessionExtenderRequest creation initiated by the factory.");
}
SessionExtenderRequest.SessionExtenderRequestBuilder builder = new SessionExtenderRequest.SessionExtenderRequestBuilder(request, response);
super.create(builder, request, response);
String sessionKeyValue = request.getParameter(SESSION_ID_PARAM_NAME);
if (sessionKeyValue != null) {
builder.setSessionKey(sessionKeyValue);
}
Cookie commonAuthCookie = FrameworkUtils.getAuthCookie(request);
if (commonAuthCookie != null) {
builder.setSessionCookie(commonAuthCookie);
}
if (sessionKeyValue == null && commonAuthCookie == null) {
throw new SessionExtenderClientException(SessionExtenderConstants.Error.INVALID_REQUEST.getCode(), SessionExtenderConstants.Error.INVALID_REQUEST.getMessage(), "No session identifier parameter or cookie present in request.");
}
return builder;
}
use of org.wso2.carbon.identity.application.authentication.framework.session.extender.request.SessionExtenderRequest in project carbon-identity-framework by wso2.
the class SessionExtenderProcessorTest method testProcessWithSessionKey.
@Test(expectedExceptions = NullPointerException.class)
public void testProcessWithSessionKey() throws Exception {
mockStatic(SessionContextCache.class);
SessionExtenderRequest sessionExtenderRequest = mock(SessionExtenderRequest.class);
SessionContextCache sessionContextCache = mock(SessionContextCache.class);
SessionContextCacheKey sessionContextCacheKey = mock(SessionContextCacheKey.class);
SessionContextCacheEntry sessionContextCacheEntry = mock(SessionContextCacheEntry.class);
SessionContext sessionContext = mock(SessionContext.class);
whenNew(SessionContextCacheKey.class).withArguments(anyString()).thenReturn(sessionContextCacheKey);
when(sessionExtenderRequest.getTenantDomain()).thenReturn(TENANT_DOMAIN);
when(sessionExtenderRequest.getSessionKey()).thenReturn(IDP_SESSION_KEY);
when(SessionContextCache.getInstance()).thenReturn(sessionContextCache);
when(sessionContextCache.getSessionContextCacheEntry(anyObject(), anyString())).thenReturn(sessionContextCacheEntry);
when(sessionContextCacheEntry.getContext()).thenReturn(sessionContext);
SessionExtenderResponse.SessionExtenderResponseBuilder responseBuilder = (SessionExtenderResponse.SessionExtenderResponseBuilder) sessionExtenderProcessor.process(sessionExtenderRequest);
SessionExtenderResponse response = responseBuilder.build();
assertNotNull(response.getTraceId(), "Error creating successful response.");
}
Aggregations