Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java | 117 |
1 files changed, 53 insertions, 64 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java
index 0df6379b0..405e44112 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java
@@ -40,13 +40,19 @@ import org.springframework.transaction.annotation.Transactional;
 import com.fasterxml.jackson.core.JsonProcessingException;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.slo.SLOInformationInterface;
+import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+import at.gv.egiz.eaaf.modules.pvp2.sp.exception.AssertionAttributeExtractorExeption;
+import at.gv.egiz.eaaf.modules.pvp2.sp.impl.utils.AssertionAttributeExtractor;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionExtensions;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.exception.BuildException;
 import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
 import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
-import at.gv.egovernment.moa.id.commons.api.IRequest;
 import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
 import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore;
 import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore;
@@ -54,11 +60,8 @@ import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore;
 import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
 import at.gv.egovernment.moa.id.commons.utils.JsonMapper;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameterDecorator;
 import at.gv.egovernment.moa.id.data.EncryptedData;
-import at.gv.egovernment.moa.id.data.SLOInformationInterface;
-import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption;
-import at.gv.egovernment.moa.id.protocols.pvp2x.utils.AssertionAttributeExtractor;
-import at.gv.egovernment.moa.id.util.Random;
 import at.gv.egovernment.moa.id.util.SessionEncrytionUtil;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
@@ -68,35 +71,18 @@ import at.gv.egovernment.moa.util.MiscUtil;
 public class DBAuthenticationSessionStoreage implements IAuthenticationSessionStoreage{
 	@PersistenceContext(unitName="session")
-	private EntityManager entityManager;
+	private EntityManager entityManager;
 	@Autowired AuthConfiguration authConfig;
 	private static JsonMapper mapper = new JsonMapper();
-
-	//@Autowired MOASessionDBUtils moaSessionDBUtils;
-
-	@Override
-	public boolean isAuthenticated(String internalSsoSessionID) {
-
-		AuthenticatedSessionStore session;
-		try {
-			session = searchInDatabase(internalSsoSessionID);
-			return session.isAuthenticated();
-
-		} catch (MOADatabaseException e) {
-			return false;
-		}
-	}
-
 	@Override
 	public AuthenticationSession createInternalSSOSession(IRequest target) throws MOADatabaseException, BuildException {
 		String id = Random.nextLongRandom();
 		try {
 			AuthenticatedSessionStore dbsession = new AuthenticatedSessionStore();
 			dbsession.setSessionid(id);
-			dbsession.setAuthenticated(false);
 			//set Timestamp in this state, because automated timestamp generation is buggy in Hibernate 4.2.1
 			Date now = new Date();
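Review bot: createInternalSSOSession no longer calls `dbsession.setAuthenticated(false);`, and with `isAuthenticated(String)` deleted in the same hunk there is no longer any explicit statement of the initial state of a freshly created session row. Whether a new AuthenticatedSessionStore starts as not-authenticated now depends on the entity's field default, which is outside this diff; since addSSOInformation later sets the flag to true, an unset or true default would make a session look authenticated before any SSO information was added. I would keep the explicit `dbsession.setAuthenticated(false);` directly after `dbsession.setSessionid(id);`, or document on the entity that the default is false. createInternalSSOSession continues past the end of the hunk.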
@@ -106,9 +92,10 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 			//set additional session informations
 			AuthenticationSessionExtensions sessionExt = new AuthenticationSessionExtensions();
 			sessionExt.setUniqueSessionId(target.getUniqueSessionIdentifier());
-			dbsession.setAdditionalInformation(mapper.serialize(sessionExt).getBytes("UTF-8"));
+			dbsession.setAdditionalInformationBytes(mapper.serialize(sessionExt).getBytes("UTF-8"));
-			AuthenticationSession session = new AuthenticationSession(id, now, target.getMOASession());
+			AuthenticationSession session = new AuthenticationSession(id, now,
+					(IAuthenticationSession)target.getSessionData(AuthenticationSessionWrapper.class));
 			encryptSession(session, dbsession);
 			//store AssertionStore element to Database
@@ -123,7 +110,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 		} catch (JsonProcessingException | UnsupportedEncodingException e) {
 			Logger.warn("Extended session information can not be stored.", e);
-			throw new MOADatabaseException(e);
+			throw new MOADatabaseException("Extended session information can not be stored.", e);
 		}
@@ -153,9 +140,9 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 	public AuthenticationSessionExtensions getAuthenticationSessionExtensions(String sessionID) throws MOADatabaseException {
 		AuthenticatedSessionStore dbsession = searchInDatabase(sessionID);
-		if (MiscUtil.isNotEmpty(dbsession.getAdditionalInformation())) {
+		if (dbsession.getAdditionalInformationBytes() != null) {
 			try {
-				return (AuthenticationSessionExtensions)mapper.deserialize(new String(dbsession.getAdditionalInformation(), "UTF-8"),
+				return (AuthenticationSessionExtensions)mapper.deserialize(new String(dbsession.getAdditionalInformationBytes(), "UTF-8"),
 						AuthenticationSessionExtensions.class);
 			} catch (Exception e) {
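Review bot: The new guard `if (dbsession.getAdditionalInformationBytes() != null)` in getAuthenticationSessionExtensions is weaker than the `MiscUtil.isNotEmpty(...)` it replaces: a zero-length byte array now passes the check, `new String(..., "UTF-8")` yields an empty string and the deserialize call ends up in the `catch (Exception e)` block whose body is outside the hunk, instead of skipping deserialization as before. If the column can hold an empty array, restore the length check, e.g. `byte[] ext = dbsession.getAdditionalInformationBytes();` followed by `if (ext != null && ext.length > 0) {`. The method body continues past the end of the hunk.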
@@ -171,7 +158,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 		try {
 			AuthenticatedSessionStore dbsession = searchInDatabase(sessionID);
-			dbsession.setAdditionalInformation(
+			dbsession.setAdditionalInformationBytes(
 					mapper.serialize(sessionExtensions).getBytes("UTF-8"));
 			entityManager.merge(dbsession);
@@ -180,7 +167,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 		} catch (MOADatabaseException e) {
 			Logger.warn("MOASession could not be stored.");
-			throw new MOADatabaseException(e);
+			throw new MOADatabaseException("MOASession could not be stored.", e);
 		} catch (JsonProcessingException | UnsupportedEncodingException e) {
 			Logger.warn("Extended session information can not be stored.", e);
@@ -228,12 +215,12 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 	}
 	@Override
-	public AuthenticationSession getInternalMOASessionWithSSOID(String SSOSessionID) throws MOADatabaseException {
-		MiscUtil.assertNotNull(SSOSessionID, "SSOsessionID");
-		Logger.trace("Get authenticated session with SSOID " + SSOSessionID + " from database.");
+	public String getInternalSSOSessionWithSSOID(String externelSSOId) throws MOADatabaseException {
+		MiscUtil.assertNotNull(externelSSOId, "SSOsessionID");
+		Logger.trace("Get authenticated session with SSOID " + externelSSOId + " from database.");
 		Query query = entityManager.createNamedQuery("getSessionWithSSOID");
-		query.setParameter("sessionid", SSOSessionID);
+		query.setParameter("sessionid", externelSSOId);
 		List<AuthenticatedSessionStore> results = query.getResultList();
 		Logger.trace("Found entries: " + results.size());
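Review bot: The new signature `getInternalSSOSessionWithSSOID(String externelSSOId)` misspells its parameter; `externalSSOId` would match the `externalSSOSessionID` name that addSSOInformation now uses in this same commit. The method also changed its contract from returning the session object to returning only the internal SSO session identifier, and carries no Javadoc saying so; a short Javadoc stating that the argument is the external SSO id, that the internal session id is returned, and what happens when no row matches (the tail of the method is outside this hunk) would help callers. The `assertNotNull` message `"SSOsessionID"` could be updated to the new parameter name at the same time.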
@@ -245,7 +232,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt } else try { - return decryptSession(results.get(0)); + return decryptSession(results.get(0)).getSSOSessionID(); } catch (Throwable e) { Logger.warn("MOASession deserialization-exception by using internal MOASessionID=" + results.get(0).getSessionid(), e); @@ -290,11 +277,11 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt } @Override - public void addSSOInformation(String moaSessionID, String SSOSessionID, + public void addSSOInformation(String internalSSOSessionID, String externalSSOSessionID, SLOInformationInterface SLOInfo, IRequest protocolRequest) throws AuthenticationException { Query query = entityManager.createNamedQuery("getSessionWithID"); - query.setParameter("sessionid", moaSessionID); + query.setParameter("sessionid", internalSSOSessionID); List<AuthenticatedSessionStore> results = query.getResultList(); Logger.trace("Found entries: " + results.size()); @@ -312,7 +299,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt //check if OA already has an active OA session if (dbsession.getActiveOAsessions() != null) { for (OASessionStore el : dbsession.getActiveOAsessions()) { - if (el.getOaurlprefix().equals(protocolRequest.getOAURL())) + if (el.getOaurlprefix().equals(protocolRequest.getSPEntityId())) activeOA = el; } } @@ -321,7 +308,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt activeOA = new OASessionStore(); //set active OA applications - activeOA.setOaurlprefix(protocolRequest.getOAURL()); + activeOA.setOaurlprefix(protocolRequest.getSPEntityId()); activeOA.setMoasession(dbsession); activeOA.setCreated(new Date()); 
@@ -353,28 +340,28 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 		}
 		dbsession.setSSOSession(true);
-		dbsession.setSSOsessionid(SSOSessionID);
-		dbsession.setAuthenticated(false);
+		dbsession.setSSOsessionid(externalSSOSessionID);
+		dbsession.setAuthenticated(true);
 		//Store MOASession
 		entityManager.merge(dbsession);
 		if (SLOInfo != null)
-			Logger.info("Add SSO-Session login information for OA: " + protocolRequest.getOAURL()
+			Logger.info("Add SSO-Session login information for OA: " + protocolRequest.getSPEntityId()
 					+ " and AssertionID: " + SLOInfo.getSessionIndex());
 		else
-			Logger.info("Add SSO-Session login information for OA: " + protocolRequest.getOAURL());
+			Logger.info("Add SSO-Session login information for OA: " + protocolRequest.getSPEntityId());
 	}
 	@Override
-	public List<OASessionStore> getAllActiveOAFromMOASession(IAuthenticationSession moaSession) {
-		MiscUtil.assertNotNull(moaSession, "MOASession");
+	public List<OASessionStore> getAllActiveOAFromMOASession(String ssoSessionId) {
+		MiscUtil.assertNotNull( ssoSessionId, "MOASession");
-		Logger.trace("Get OAs for moaSession " + moaSession.getSessionID() + " from database.");
+		Logger.trace("Get OAs for moaSession " + ssoSessionId + " from database.");
 		Query query = entityManager.createNamedQuery("getAllActiveOAsForSessionID");
-		query.setParameter("sessionID", moaSession.getSessionID());
+		query.setParameter("sessionID", ssoSessionId);
 		List<OASessionStore> results = query.getResultList();
 		Logger.trace("Found entries: " + results.size());
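Review bot: In getAllActiveOAFromMOASession the new line `MiscUtil.assertNotNull( ssoSessionId, "MOASession");` has a stray space after the parenthesis and still names the argument "MOASession" although the parameter is now an SSO session id; getAllActiveIDPsFromMOASession in the next hunk has the same line. I would write `MiscUtil.assertNotNull(ssoSessionId, "ssoSessionId");` in both places. The trace message `"Get OAs for moaSession "` likewise still refers to the old parameter.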
@@ -384,13 +371,13 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt } @Override - public List<InterfederationSessionStore> getAllActiveIDPsFromMOASession(IAuthenticationSession moaSession) { - MiscUtil.assertNotNull(moaSession, "MOASession"); + public List<InterfederationSessionStore> getAllActiveIDPsFromMOASession(String ssoSessionId) { + MiscUtil.assertNotNull( ssoSessionId, "MOASession"); - Logger.trace("Get active IDPs for moaSession " + moaSession.getSessionID() + " from database."); + Logger.trace("Get active IDPs for moaSession " + ssoSessionId + " from database."); Query query = entityManager.createNamedQuery("getAllActiveIDPsForSessionID"); - query.setParameter("sessionID", moaSession.getSessionID()); + query.setParameter("sessionID", ssoSessionId); List<InterfederationSessionStore> results = query.getResultList(); Logger.trace("Found entries: " + results.size()); @@ -399,7 +386,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt } @Override - public IAuthenticationSession searchMOASessionWithNameIDandOAID(String oaID, String userNameID) { + public String searchSSOSessionWithNameIDandOAID(String oaID, String userNameID) { MiscUtil.assertNotNull(oaID, "OnlineApplicationIdentifier"); MiscUtil.assertNotNull(userNameID, "userNameID"); Logger.trace("Get moaSession for userNameID " + userNameID + " and OA " @@ -419,8 +406,10 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt } - try { - return decryptSession(results.get(0)); + try { + AuthenticationSession decrytedSession = decryptSession(results.get(0)); + + return decrytedSession.getSSOSessionID(); } catch (BuildException e) { Logger.warn("MOASession deserialization-exception by using MOASessionID=" + results.get(0).getSessionid(), e); 
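Review bot: The new local `AuthenticationSession decrytedSession` in searchSSOSessionWithNameIDandOAID is misspelled and exists only to be dereferenced on the next line; `return decryptSession(results.get(0)).getSSOSessionID();` mirrors what getInternalSSOSessionWithSSOID does in this same commit and avoids the temporary. The method's return type changed from IAuthenticationSession to String while the `catch (BuildException e)` block that follows lies outside the hunk, so it is worth confirming that the catch still returns or throws something consistent with the new String contract.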
@@ -434,11 +423,11 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 		MiscUtil.assertNotNull(moaSession, "MOASession");
 		MiscUtil.assertNotNull(oaID, "OnlineApplicationIdentifier");
 		MiscUtil.assertNotNull(protocolType, "usedProtocol");
-		Logger.trace("Get active OnlineApplication for sessionID " + moaSession.getSessionID() + " with OAID "
+		Logger.trace("Get active OnlineApplication for sessionID " + moaSession.getSSOSessionID() + " with OAID "
 				+ oaID + " from database.");
 		Query query = entityManager.createNamedQuery("getActiveOAWithSessionIDandOAIDandProtocol");
-		query.setParameter("sessionID", moaSession.getSessionID());
+		query.setParameter("sessionID", moaSession.getSSOSessionID());
 		query.setParameter("oaID", oaID);
 		query.setParameter("protocol", protocolType);
 		List<AuthenticatedSessionStore> results = query.getResultList();
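Review bot: The hunk now binds `moaSession.getSSOSessionID()` to the "sessionID" query parameter where `moaSession.getSessionID()` was bound before, but the method only asserts `moaSession` itself non-null, not the SSO session id it now reads. If getSSOSessionID() can be null for a session that has no SSO part (its contract is not visible here), the named query would run with a null parameter. Adding `MiscUtil.assertNotNull(moaSession.getSSOSessionID(), "SSOSessionID");` beside the existing assertions would make the precondition explicit. The enclosing method starts before the hunk.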
@@ -545,25 +534,25 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 	}
 	@Override
-	public void addFederatedSessionInformation(IRequest req, String idpEntityID, AssertionAttributeExtractor extractor) throws MOADatabaseException, AssertionAttributeExtractorExeption, BuildException {
+	public void addFederatedSessionInformation(IRequest req, String idpEntityID, AssertionAttributeExtractor extractor) throws MOADatabaseException, AssertionAttributeExtractorExeption, BuildException, EAAFConfigurationException {
 		AuthenticatedSessionStore dbsession = null;
-		AuthenticationSession moaSession = null;
+		String internalSSOSessionId = null;
 		Date now = new Date();
 		//search for active session
 		if (MiscUtil.isNotEmpty(req.getInternalSSOSessionIdentifier())) {
 			Logger.debug("Internal SSO-Session object: " + req.getInternalSSOSessionIdentifier() + " used for federated SSO");
-			moaSession = getInternalMOASessionWithSSOID(req.getInternalSSOSessionIdentifier());
+			internalSSOSessionId = req.getInternalSSOSessionIdentifier();
 		} else {
 			Logger.debug("No internal SSO-Session object exists for federated SSO --> create new session object");
-			moaSession = createInternalSSOSession(req);
+			internalSSOSessionId = createInternalSSOSession(req).getSSOSessionID();
 		}
-		if (moaSession != null) {
+		if (MiscUtil.isNotEmpty(internalSSOSessionId)) {
 			try {
-				dbsession = searchInDatabase(moaSession.getSessionID());
+				dbsession = searchInDatabase(internalSSOSessionId);
 			}catch (MOADatabaseException e) {
 				Logger.error("NO MOASession found but MOASession MUST already exist!");
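Review bot: In addFederatedSessionInformation the first branch now uses `req.getInternalSSOSessionIdentifier()` directly as the database key, where it previously went through getInternalMOASessionWithSSOID; the only remaining validation is the `searchInDatabase(internalSSOSessionId)` lookup, whose `catch (MOADatabaseException e)` logs "NO MOASession found but MOASession MUST already exist!" and continues beyond the hunk. If that catch does not rethrow, `dbsession` stays null and the code after it works on a null reference; I would end the catch with `throw new MOADatabaseException("NO MOASession found but MOASession MUST already exist!", e);` so that an unknown identifier stops the federated SSO step instead of falling through. The method continues past the end of the hunk.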
@@ -617,7 +606,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 				idp.setIdpurlprefix(idpEntityID);
 				idp.setAuthURL(req.getAuthURL());
-				IOAAuthParameters oa = authConfig.getOnlineApplicationParameter(idp.getIdpurlprefix());
+				IOAAuthParameters oa = authConfig.getServiceProviderConfiguration(idp.getIdpurlprefix(), OAAuthParameterDecorator.class);
 				idp.setStoreSSOInformation(oa.isInterfederationSSOStorageAllowed());
 				idp.setMoasession(dbsession);
 				idpList.add(idp);
@@ -793,7 +782,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 		Query query = entityManager.createNamedQuery("getSSOSessionWithOldSessionID");
 		query.setParameter("sessionid", ssoId);
 		List<OldSSOSessionIDStore> results = query.getResultList();
-
+
 		Logger.trace("Found entries: " + results.size());
 		// Assertion requires an unique artifact |
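Review bot: `IOAAuthParameters oa = authConfig.getServiceProviderConfiguration(idp.getIdpurlprefix(), OAAuthParameterDecorator.class);` is dereferenced on the very next line by `oa.isInterfederationSSOStorageAllowed()`; if the lookup returns null for an idpEntityID that has no local configuration (the contract of getServiceProviderConfiguration is not visible here), this is a NullPointerException on a value that originates from the federation partner rather than from local configuration. A guard that rejects a missing configuration with a descriptive exception, for instance the EAAFConfigurationException this commit already adds to the method's throws clause, would turn an unknown IdP into a clear error. The enclosing loop and method lie outside the hunk, and the second hunk on this line is whitespace only.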