Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java103
1 files changed, 81 insertions, 22 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
index 4288f48ad..4b4b5ddc5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
@@ -33,7 +33,10 @@ import org.hibernate.Query;
import org.hibernate.Session;
import org.hibernate.Transaction;
+import com.fasterxml.jackson.core.JsonProcessingException;
+
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionExtensions;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.BuildException;
import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
@@ -42,8 +45,9 @@ import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionSto
import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore;
import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.commons.utils.JsonMapper;
import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.data.EncryptedData;
import at.gv.egovernment.moa.id.data.SLOInformationInterface;
@@ -60,6 +64,8 @@ public class AuthenticationSessionStoreage {
//private static HashMap<String, AuthenticationSession> sessionStore = new HashMap<String, AuthenticationSession>();
+ private static JsonMapper mapper = new JsonMapper();
+
public static boolean isAuthenticated(String moaSessionID) {
AuthenticatedSessionStore session;
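Review bot: The new `mapper` field is a non-final static shared by every static method in this class; declaring it `private static final JsonMapper mapper = new JsonMapper();` rules out accidental reassignment. Whether `JsonMapper` is safe for concurrent use is not visible in this diff, and these methods are presumably called from request threads, so a one-line comment on the field stating that it is thread-safe (or why that does not matter) would help the next reader.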
@@ -73,34 +79,44 @@ public class AuthenticationSessionStoreage {
}
}
- public static AuthenticationSession createSession(String pendingRequestID) throws MOADatabaseException, BuildException {
+ public static AuthenticationSession createSession(IRequest target) throws MOADatabaseException, BuildException {
String id = Random.nextRandom();
-
- AuthenticatedSessionStore dbsession = new AuthenticatedSessionStore();
- dbsession.setSessionid(id);
- dbsession.setAuthenticated(false);
+ try {
+ AuthenticatedSessionStore dbsession = new AuthenticatedSessionStore();
+ dbsession.setSessionid(id);
+ dbsession.setAuthenticated(false);
- //set Timestamp in this state, because automated timestamp generation is buggy in Hibernate 4.2.1
- Date now = new Date();
- dbsession.setCreated(now);
- dbsession.setUpdated(now);
+ //set Timestamp in this state, because automated timestamp generation is buggy in Hibernate 4.2.1
+ Date now = new Date();
+ dbsession.setCreated(now);
+ dbsession.setUpdated(now);
- dbsession.setPendingRequestID(pendingRequestID);
+ dbsession.setPendingRequestID(target.getRequestID());
- AuthenticationSession session = new AuthenticationSession(id, now);
- encryptSession(session, dbsession);
+ //set additional session informations
+ AuthenticationSessionExtensions sessionExt = new AuthenticationSessionExtensions();
+ sessionExt.setUniqueSessionId(target.getSessionIdentifier());
+ dbsession.setAdditionalInformation(mapper.serialize(sessionExt));
- //store AssertionStore element to Database
- try {
+ AuthenticationSession session = new AuthenticationSession(id, now);
+ encryptSession(session, dbsession);
+
+ //store AssertionStore element to Database
MOASessionDBUtils.saveOrUpdate(dbsession);
- Logger.info("MOASession with sessionID=" + id + " is stored in Database");
+ Logger.info("Create MOASession with sessionID: " + id);
+
+ return session;
} catch (MOADatabaseException e) {
Logger.warn("MOASession could not be created.");
throw new MOADatabaseException(e);
+
+ } catch (JsonProcessingException e) {
+ Logger.warn("Extended session information can not be stored.", e);
+ throw new MOADatabaseException(e);
+
}
-
- return session;
+
}
public static AuthenticationSession getSession(String sessionID) throws MOADatabaseException {
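Review bot: The added `Logger.info("Create MOASession with sessionID: " + id);` writes the full MOASession identifier to the info-level log, although the last hunk of this commit lowers the equivalent message to debug. That value is the key `getSession` and `searchInDatabase` use to look the session up, so anyone with read access to the logs sees live session identifiers; `Logger.debug(...)` would match the other hunk, or the message could log `target.getSessionIdentifier()` instead if that value is meant for log correlation (an assumption, its purpose is not shown here). `target` is also dereferenced without a null check, and the `JsonProcessingException` branch rethrows without a message, unlike the setter added further down, which uses `throw new MOADatabaseException("Extended session information can not be stored.", e);`.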
@@ -118,6 +134,45 @@ public class AuthenticationSessionStoreage {
throw new MOADatabaseException("MOASession deserialization-exception");
}
}
+
+ public static AuthenticationSessionExtensions getAuthenticationSessionExtensions(String sessionID) throws MOADatabaseException {
+ AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true);
+
+ if (MiscUtil.isNotEmpty(dbsession.getAdditionalInformation())) {
+ try {
+ return (AuthenticationSessionExtensions)mapper.deserialize(dbsession.getAdditionalInformation(),
+ AuthenticationSessionExtensions.class);
+
+ } catch (Exception e) {
+ Logger.warn("Extended session information extraction FAILED!", e);
+ }
+ }
+ return null;
+
+ }
+
+ public static void setAuthenticationSessionExtensions(String sessionID, AuthenticationSessionExtensions sessionExtensions) throws MOADatabaseException {
+ try {
+ AuthenticatedSessionStore dbsession = searchInDatabase(sessionID, true);
+
+ dbsession.setAdditionalInformation(
+ mapper.serialize(sessionExtensions));
+
+ MOASessionDBUtils.saveOrUpdate(dbsession);
+ Logger.debug("MOASession with sessionID=" + sessionID + " is stored in Database");
+
+
+ } catch (MOADatabaseException e) {
+ Logger.warn("MOASession could not be stored.");
+ throw new MOADatabaseException(e);
+
+ } catch (JsonProcessingException e) {
+ Logger.warn("Extended session information can not be stored.", e);
+ throw new MOADatabaseException("Extended session information can not be stored.", e);
+
+ }
+
+ }
public static void storeSession(AuthenticationSession session) throws MOADatabaseException, BuildException {
storeSession(session, null);
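Review bot: `getAuthenticationSessionExtensions` catches `Exception`, logs it and returns `null`, so a caller cannot tell a session with no extension data from one whose stored JSON failed to parse. The setter in the same hunk propagates failures; the getter could do the same with `throw new MOADatabaseException("Extended session information extraction FAILED!", e);` and a catch narrowed to what `mapper.deserialize` actually throws. Both new methods dereference the result of `searchInDatabase(sessionID, true)` directly; its definition is outside the hunk, so confirm it throws rather than returns null for an unknown id. A short Javadoc on the getter saying that `null` means "no extensions stored" would make the contract explicit.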
@@ -385,8 +440,12 @@ public class AuthenticationSessionStoreage {
//send transaction
tx.commit();
- Logger.debug("Add SSO-Session login information for OA: " + OAUrl
- + " and AssertionID: " + SLOInfo.getSessionIndex());
+ if (SLOInfo != null)
+ Logger.info("Add SSO-Session login information for OA: " + OAUrl
+ + " and AssertionID: " + SLOInfo.getSessionIndex());
+ else
+ Logger.info("Add SSO-Session login information for OA: " + OAUrl);
+
}
} catch (MOADatabaseException e) {
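Review bot: The `SLOInfo != null` guard protects only the log statement after `tx.commit()`; the code that builds and stores the SSO entry lies outside this hunk, so it is worth confirming that nothing before the commit dereferences `SLOInfo` when it is null. The message is also raised from debug to info and includes the value of `SLOInfo.getSessionIndex()`, so check that this is wanted in production logs. As a style point, the unbraced `if`/`else` around the two `Logger.info` calls would be safer with braces.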
@@ -750,7 +809,7 @@ public class AuthenticationSessionStoreage {
idp.setIdpurlprefix(req.getInterfederationResponse().getEntityID());
try {
- OAAuthParameter oa = AuthConfigurationProvider.getInstance().
+ OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance().
getOnlineApplicationParameter(idp.getIdpurlprefix());
idp.setStoreSSOInformation(oa.isInterfederationSSOStorageAllowed());
@@ -772,7 +831,7 @@ public class AuthenticationSessionStoreage {
//store AssertionStore element to Database
try {
MOASessionDBUtils.saveOrUpdate(dbsession);
- Logger.info("MOASession with sessionID=" + id + " is stored in Database");
+ Logger.debug("MOASession with sessionID=" + id + " is stored in Database");
} catch (MOADatabaseException e) {
Logger.warn("MOASession could not be created.");