Gitiles
Code Review Sign In
korap.ids-mannheim.de / KorAP / Kustvakt / fdd9a01a84082776dc48b3daf787879e25e4dbb2 / . / src / main / java / de / ids_mannheim / korap / security / auth / SessionAuthentication.java
blob: c02e2c8e0b46093d651bb6c4f23595f51540b433 [file] [log] [blame]
Michael Hanl87106d12015-09-14 18:13:51 +0200[diff] [blame]1package de.ids_mannheim.korap.security.auth;
2
3import de.ids_mannheim.korap.config.KustvaktConfiguration;
4import de.ids_mannheim.korap.exceptions.KustvaktException;
5import de.ids_mannheim.korap.exceptions.StatusCodes;
6import de.ids_mannheim.korap.interfaces.AuthenticationIface;
7import de.ids_mannheim.korap.interfaces.EncryptionIface;
8import de.ids_mannheim.korap.user.Attributes;
9import de.ids_mannheim.korap.user.TokenContext;
10import de.ids_mannheim.korap.user.User;
11import de.ids_mannheim.korap.utils.KustvaktLogger;
12import de.ids_mannheim.korap.utils.TimeUtils;
13import org.joda.time.DateTime;
14import org.slf4j.Logger;
15
16import java.util.Map;
17import java.util.concurrent.ScheduledThreadPoolExecutor;
18import java.util.concurrent.TimeUnit;
19
20/**
21 * implementation of the AuthenticationIface to handle korap authentication
22 * internals
23 *
24 * @author hanl
25 */
26public class SessionAuthentication implements AuthenticationIface {
27
28 private static Logger jlog = KustvaktLogger
Michael Hanlfdd9a012015-11-13 15:56:38 +0100[diff] [blame^]29 .getLogger(SessionAuthentication.class);
Michael Hanl87106d12015-09-14 18:13:51 +0200[diff] [blame]30 private SessionFactory sessions;
31 private ScheduledThreadPoolExecutor scheduled;
32 private EncryptionIface crypto;
33 private KustvaktConfiguration config;
34
35 public SessionAuthentication(KustvaktConfiguration config,
36 EncryptionIface crypto) {
37 jlog.info("initialize session authentication handler");
38 this.crypto = crypto;
39 this.config = config;
40 this.scheduled = new ScheduledThreadPoolExecutor(1);
41 this.sessions = new SessionFactory(this.config.isAllowMultiLogIn(),
42 this.config.getInactiveTime());
43 this.scheduled.scheduleAtFixedRate(this.sessions,
44 this.config.getInactiveTime() / 2,
45 this.config.getInactiveTime(), TimeUnit.SECONDS);
46 }
47
48 @Override
49 public TokenContext getUserStatus(String authenticationToken)
50 throws KustvaktException {
51 jlog.debug("retrieving user session for user '{}'",
52 authenticationToken);
53 if (authenticationToken == null)
54 throw new KustvaktException(StatusCodes.PERMISSION_DENIED);
55 return this.sessions.getSession(authenticationToken);
56 }
57
58 @Override
59 public TokenContext createUserSession(User user, Map attr)
60 throws KustvaktException {
61 DateTime now = TimeUtils.getNow();
62 DateTime ex = TimeUtils
63 .getExpiration(now.getMillis(), config.getExpiration());
64 String token = crypto
65 .createToken(true, user.getUsername(), now.getMillis());
Michael Hanle25dea22015-09-24 19:37:56 +0200[diff] [blame]66 TokenContext ctx = new TokenContext();
Michael Hanl87106d12015-09-14 18:13:51 +0200[diff] [blame]67 ctx.setUsername(user.getUsername());
68 ctx.setTokenType(Attributes.SESSION_AUTHENTICATION);
69 ctx.setToken(token);
70 ctx.setExpirationTime(ex.getMillis());
71 ctx.setHostAddress(attr.get(Attributes.HOST).toString());
72 ctx.setUserAgent(attr.get(Attributes.USER_AGENT).toString());
73 this.sessions.putSession(token, ctx);
74 jlog.info("create session for user: " + user.getUsername());
75 return ctx;
76 }
77
78 @Override
79 public void removeUserSession(String token) {
80 this.sessions.removeSession(token);
81 }
82
83 @Override
84 public TokenContext refresh(TokenContext context) throws KustvaktException {
85 throw new UnsupportedOperationException("method not supported");
86 }
87
88 @Override
89 public String getIdentifier() {
90 return Attributes.SESSION_AUTHENTICATION;
91 }
92
93}