add unique session ID for logging

1 files changed, 71 insertions, 16 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
index 4288f48ad..541dc23b6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
@@ -33,7 +33,10 @@ import org.hibernate.Query;
 import org.hibernate.Session;
 import org.hibernate.Transaction;
 
+import com.fasterxml.jackson.core.JsonProcessingException;
+
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionExtensions;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.exception.BuildException;
 import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
@@ -42,6 +45,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionSto
 import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore;
 import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.commons.utils.JsonMapper;
 import at.gv.egovernment.moa.id.config.ConfigurationException;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
@@ -60,6 +64,8 @@ public class AuthenticationSessionStoreage {
 
 	//private static HashMap<String, AuthenticationSession> sessionStore = new HashMap<String, AuthenticationSession>();
 
+	private static JsonMapper mapper = new JsonMapper();
+	
 	public static boolean isAuthenticated(String moaSessionID) {
 		
 		AuthenticatedSessionStore session;
@@ -73,34 +79,44 @@ public class AuthenticationSessionStoreage {
 		}
 	}
 
-	public static AuthenticationSession createSession(String pendingRequestID) throws MOADatabaseException, BuildException {
+	public static AuthenticationSession createSession(IRequest target) throws MOADatabaseException, BuildException {
 		String id = Random.nextRandom();
-
-		AuthenticatedSessionStore dbsession = new AuthenticatedSessionStore();
-		dbsession.setSessionid(id);
-		dbsession.setAuthenticated(false);
+		try {
+			AuthenticatedSessionStore dbsession = new AuthenticatedSessionStore();
+			dbsession.setSessionid(id);
+			dbsession.setAuthenticated(false);
 		
-		//set Timestamp in this state, because automated timestamp generation is buggy in Hibernate 4.2.1
-		Date now = new Date();
-		dbsession.setCreated(now);
-		dbsession.setUpdated(now);
+			//set Timestamp in this state, because automated timestamp generation is buggy in Hibernate 4.2.1
+			Date now = new Date();
+			dbsession.setCreated(now);
+			dbsession.setUpdated(now);
 		
-		dbsession.setPendingRequestID(pendingRequestID);
+			dbsession.setPendingRequestID(target.getRequestID());
 		
-		AuthenticationSession session = new AuthenticationSession(id, now);
-		encryptSession(session, dbsession);
+			//set additional session informations
+			AuthenticationSessionExtensions sessionExt = new AuthenticationSessionExtensions();
+			sessionExt.setUniqueSessionId(target.getSessionIdentifier());
+			dbsession.setAdditionalInformation(mapper.serialize(sessionExt));
 		
-		//store AssertionStore element to Database
-		try {
+			AuthenticationSession session = new AuthenticationSession(id, now);
+			encryptSession(session, dbsession);
+		
+			//store AssertionStore element to Database		
 			MOASessionDBUtils.saveOrUpdate(dbsession);
 			Logger.info("MOASession with sessionID=" + id + " is stored in Database");
 			
+			return session;
+			
 		} catch (MOADatabaseException e) {
 			Logger.warn("MOASession could not be created.");
 			throw new MOADatabaseException(e);
+			
+		} catch (JsonProcessingException e) {
+			Logger.warn("Extended session information can not be stored.", e);
+			throw new MOADatabaseException(e);
+			
 		}
-		
-		return session;
+				
 	}
 
 	public static AuthenticationSession getSession(String sessionID) throws MOADatabaseException {
@@ -118,6 +134,45 @@ public class AuthenticationSessionStoreage {
 			throw new MOADatabaseException("MOASession deserialization-exception");
 		}
 	}
+
+	public static AuthenticationSessionExtensions getAuthenticationSessionExtensions(String sessionID) throws MOADatabaseException {
+		AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true);
+		
+		if (MiscUtil.isNotEmpty(dbsession.getAdditionalInformation())) {
+			try {
+				return (AuthenticationSessionExtensions)mapper.deserialize(dbsession.getAdditionalInformation(), 
+						AuthenticationSessionExtensions.class);
+				
+			} catch (Exception e) {
+				Logger.warn("Extended session information extraction FAILED!", e);
+			}			
+		}
+		return null;
+		
+	}
+	
+	public static void setAuthenticationSessionExtensions(String sessionID, AuthenticationSessionExtensions sessionExtensions) throws MOADatabaseException {
+		try {
+			AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true);
+			
+			dbsession.setAdditionalInformation(
+					mapper.serialize(sessionExtensions));
+			
+			MOASessionDBUtils.saveOrUpdate(dbsession);
+			Logger.debug("MOASession with sessionID=" + sessionID + " is stored in Database");
+			
+			
+		} catch (MOADatabaseException e) {
+			Logger.warn("MOASession could not be stored.");
+			throw new MOADatabaseException(e);
+			
+		} catch (JsonProcessingException e) {
+			Logger.warn("Extended session information can not be stored.", e);
+			throw new MOADatabaseException("Extended session information can not be stored.", e);
+			
+		} 
+		
+	}
 	
 	public static void storeSession(AuthenticationSession session) throws MOADatabaseException, BuildException {
 		storeSession(session, null);