Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java | 103 |
1 files changed, 81 insertions, 22 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java index 4288f48ad..4b4b5ddc5 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java @@ -33,7 +33,10 @@ import org.hibernate.Query; import org.hibernate.Session; import org.hibernate.Transaction; +import com.fasterxml.jackson.core.JsonProcessingException; + import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionExtensions; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; @@ -42,8 +45,9 @@ import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionSto import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.commons.utils.JsonMapper; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.EncryptedData; import at.gv.egovernment.moa.id.data.SLOInformationInterface; 
@@ -60,6 +64,8 @@ public class AuthenticationSessionStoreage { //private static HashMap<String, AuthenticationSession> sessionStore = new HashMap<String, AuthenticationSession>(); + private static JsonMapper mapper = new JsonMapper(); + public static boolean isAuthenticated(String moaSessionID) { AuthenticatedSessionStore session; 
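Review bot: The new shared `mapper` field is `private static` but not `final`, so it can be reassigned even though the static methods added in this commit depend on it; `private static final JsonMapper mapper = new JsonMapper();` states the intent. The methods of this class are static and presumably run on concurrent request threads, so it is worth confirming that JsonMapper is safe to share across threads. Its implementation is not part of this diff.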
@@ -73,34 +79,44 @@ public class AuthenticationSessionStoreage { } } - public static AuthenticationSession createSession(String pendingRequestID) throws MOADatabaseException, BuildException { + public static AuthenticationSession createSession(IRequest target) throws MOADatabaseException, BuildException { String id = Random.nextRandom(); - - AuthenticatedSessionStore dbsession = new AuthenticatedSessionStore(); - dbsession.setSessionid(id); - dbsession.setAuthenticated(false); + try { + AuthenticatedSessionStore dbsession = new AuthenticatedSessionStore(); + dbsession.setSessionid(id); + dbsession.setAuthenticated(false); - //set Timestamp in this state, because automated timestamp generation is buggy in Hibernate 4.2.1 - Date now = new Date(); - dbsession.setCreated(now); - dbsession.setUpdated(now); + //set Timestamp in this state, because automated timestamp generation is buggy in Hibernate 4.2.1 + Date now = new Date(); + dbsession.setCreated(now); + dbsession.setUpdated(now); - dbsession.setPendingRequestID(pendingRequestID); + dbsession.setPendingRequestID(target.getRequestID()); - AuthenticationSession session = new AuthenticationSession(id, now); - encryptSession(session, dbsession); + //set additional session informations + AuthenticationSessionExtensions sessionExt = new AuthenticationSessionExtensions(); + sessionExt.setUniqueSessionId(target.getSessionIdentifier()); + dbsession.setAdditionalInformation(mapper.serialize(sessionExt)); - //store AssertionStore element to Database - try { + AuthenticationSession session = new AuthenticationSession(id, now); + encryptSession(session, dbsession); + + //store AssertionStore element to Database MOASessionDBUtils.saveOrUpdate(dbsession); - Logger.info("MOASession with sessionID=" + id + " is stored in Database"); + Logger.info("Create MOASession with sessionID: " + id); + + return session; } catch (MOADatabaseException e) { Logger.warn("MOASession could not be created."); throw new MOADatabaseException(e); + + } 
catch (JsonProcessingException e) { + Logger.warn("Extended session information can not be stored.", e); + throw new MOADatabaseException(e); + } - - return session; + } public static AuthenticationSession getSession(String sessionID) throws MOADatabaseException { @@ -118,6 +134,45 @@ public class AuthenticationSessionStoreage { throw new MOADatabaseException("MOASession deserialization-exception"); } } + + public static AuthenticationSessionExtensions getAuthenticationSessionExtensions(String sessionID) throws MOADatabaseException { + AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true); + + if (MiscUtil.isNotEmpty(dbsession.getAdditionalInformation())) { + try { + return (AuthenticationSessionExtensions)mapper.deserialize(dbsession.getAdditionalInformation(), + AuthenticationSessionExtensions.class); + + } catch (Exception e) { + Logger.warn("Extended session information extraction FAILED!", e); + } + } + return null; + + } + + public static void setAuthenticationSessionExtensions(String sessionID, AuthenticationSessionExtensions sessionExtensions) throws MOADatabaseException { + try { + AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true); + + dbsession.setAdditionalInformation( + mapper.serialize(sessionExtensions)); + + MOASessionDBUtils.saveOrUpdate(dbsession); + Logger.debug("MOASession with sessionID=" + sessionID + " is stored in Database"); + + + } catch (MOADatabaseException e) { + Logger.warn("MOASession could not be stored."); + throw new MOADatabaseException(e); + + } catch (JsonProcessingException e) { + Logger.warn("Extended session information can not be stored.", e); + throw new MOADatabaseException("Extended session information can not be stored.", e); + + } + + } public static void storeSession(AuthenticationSession session) throws MOADatabaseException, BuildException { storeSession(session, null); 
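Review bot: The new `Logger.info("Create MOASession with sessionID: " + id);` in createSession writes the full MOA session identifier to the INFO log, so anyone who can read production logs sees live session IDs. The same commit lowers the comparable "is stored in Database" message to debug in the last hunk and in setAuthenticationSessionExtensions; doing the same here, or logging only a shortened or hashed form of `id`, keeps the record without exposing the value. This matters more if the identifier alone is enough to look up a session, which is not visible in this hunk. Separately, `target` is dereferenced without a null check, and a NullPointerException from `target.getRequestID()` would escape both catch clauses.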
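Review bot: getAuthenticationSessionExtensions catches every `Exception` from `mapper.deserialize` and falls through to `return null`, so a caller cannot tell a session with no extension data from one whose stored JSON is corrupt or was altered. The method already declares `throws MOADatabaseException`, so rethrowing in the catch, e.g. `throw new MOADatabaseException("Extended session information extraction FAILED!", e);`, would surface the failure. Narrowing the catch to the exception types the mapper declares would also stop it masking unrelated runtime errors. The null return for the empty case should be documented in a Javadoc comment so that callers check for it.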
@@ -385,8 +440,12 @@ public class AuthenticationSessionStoreage { //send transaction tx.commit(); - Logger.debug("Add SSO-Session login information for OA: " + OAUrl - + " and AssertionID: " + SLOInfo.getSessionIndex()); + if (SLOInfo != null) + Logger.info("Add SSO-Session login information for OA: " + OAUrl + + " and AssertionID: " + SLOInfo.getSessionIndex()); + else + Logger.info("Add SSO-Session login information for OA: " + OAUrl); + } } catch (MOADatabaseException e) { @@ -750,7 +809,7 @@ public class AuthenticationSessionStoreage { idp.setIdpurlprefix(req.getInterfederationResponse().getEntityID()); try { - OAAuthParameter oa = AuthConfigurationProvider.getInstance(). + OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance(). getOnlineApplicationParameter(idp.getIdpurlprefix()); idp.setStoreSSOInformation(oa.isInterfederationSSOStorageAllowed()); @@ -772,7 +831,7 @@ public class AuthenticationSessionStoreage { //store AssertionStore element to Database try { MOASessionDBUtils.saveOrUpdate(dbsession); - Logger.info("MOASession with sessionID=" + id + " is stored in Database"); + Logger.debug("MOASession with sessionID=" + id + " is stored in Database"); } catch (MOADatabaseException e) { Logger.warn("MOASession could not be created."); |
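Review bot: The added `if (SLOInfo != null)` guards only the log statement after `tx.commit()`. The rest of the method lies outside the hunk, so it should be checked that any earlier use of `SLOInfo` tolerates null as well. The if/else has no braces around its multi-line statements, which is easy to break in a later edit; braces on both branches would help. The message also moves from debug to info while still carrying `SLOInfo.getSessionIndex()`, the opposite direction to the log-level change in the last hunk, so it is worth confirming that the assertion identifier is meant to appear in INFO logs.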