Improve ACR attribute typing.
1 package org.argeo.cms.internal.auth;
2
3 import java.io.Serializable;
4 import java.time.ZonedDateTime;
5 import java.util.ArrayList;
6 import java.util.Collections;
7 import java.util.HashMap;
8 import java.util.List;
9 import java.util.Locale;
10 import java.util.Map;
11 import java.util.Objects;
12 import java.util.UUID;
13 import java.util.function.Consumer;
14
15 import javax.security.auth.Subject;
16 import javax.security.auth.login.LoginContext;
17 import javax.security.auth.login.LoginException;
18 import javax.security.auth.x500.X500Principal;
19
20 import org.argeo.api.cms.CmsAuth;
21 import org.argeo.api.cms.CmsConstants;
22 import org.argeo.api.cms.CmsLog;
23 import org.argeo.api.cms.CmsSession;
24 import org.argeo.cms.internal.runtime.CmsContextImpl;
25 import org.osgi.service.useradmin.Authorization;
26
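/**
 * Default CMS session implementation.
 * <p>
 * A session binds a JAAS {@link Subject} and an OSGi {@link Authorization} to
 * a UUID and a local session id. It is considered valid until {@link #close()}
 * has recorded an end time.
 * <p>
 * The {@link Subject} is held in a {@code transient} field, so it is not
 * written by default Java serialization and is {@code null} on a deserialized
 * instance.
 */
public class CmsSessionImpl implements CmsSession, Serializable {
    private static final long serialVersionUID = 1867719354246307225L;
    private static final CmsLog log = CmsLog.getLog(CmsSessionImpl.class);

    // Transient: never serialized. Set to null once the session is closed.
    private transient Subject subject;
    private final UUID uuid;
    private final String localSessionId;
    // NOTE(review): non-transient field in a Serializable class; confirm that the
    // Authorization implementations in use are meant to be serialized with the session.
    private Authorization authorization;
    private final String userDn;
    private final boolean anonymous;

    private final ZonedDateTime creationTime;
    // null while the session is open; set exactly once by close().
    private ZonedDateTime end;
    private final Locale locale;

    // NOTE(review): plain HashMap, unlike the synchronized callback list below;
    // confirm that views are only registered from a single thread.
    private final Map<String, Object> views = new HashMap<>();

    private final List<Consumer<CmsSession>> onCloseCallbacks = Collections.synchronizedList(new ArrayList<>());

    /**
     * Creates a session for an already authenticated (or anonymous) subject.
     * <p>
     * The session is anonymous when {@code authorization.getName()} is
     * {@code null}; the user DN is then {@link CmsConstants#ROLE_ANONYMOUS}.
     *
     * @param uuid           the session identifier, must not be {@code null}
     * @param initialSubject the JAAS subject attached to this session
     * @param authorization  the authorization of the user, must not be
     *                       {@code null}
     * @param locale         the locale of the session
     * @param localSessionId the identifier of the underlying local session
     * @throws NullPointerException if {@code uuid} or {@code authorization} is
     *                              {@code null}
     */
    public CmsSessionImpl(UUID uuid, Subject initialSubject, Authorization authorization, Locale locale,
            String localSessionId) {
        Objects.requireNonNull(uuid, "uuid");
        // Fail with a clear message instead of a bare NPE on getName() below.
        Objects.requireNonNull(authorization, "authorization");

        this.uuid = uuid;
        this.creationTime = ZonedDateTime.now();
        this.locale = locale;
        this.subject = initialSubject;
        this.localSessionId = localSessionId;
        this.authorization = authorization;

        String authorizedName = authorization.getName();
        if (authorizedName != null) {
            this.userDn = authorizedName;
            this.anonymous = false;
        } else {
            this.userDn = CmsConstants.ROLE_ANONYMOUS;
            this.anonymous = true;
        }
    }

    /**
     * Closes this session: records the end time, unregisters it from the CMS
     * context, notifies the on-close callbacks and logs the subject out.
     * <p>
     * Calling this method on an already closed session does nothing, so that
     * callbacks are not notified twice and no logout is attempted with the
     * subject already cleared. The logout and the clearing of the subject
     * reference are performed even if unregistration or a callback fails.
     */
    public void close() {
        if (isClosed()) {
            return;
        }
        end = ZonedDateTime.now();
        try {
            CmsContextImpl.getCmsContext().unregisterCmsSession(this);

            // A synchronized list must be locked while it is traversed; iterate over
            // a snapshot so that callbacks run outside the lock.
            List<Consumer<CmsSession>> callbacks;
            synchronized (onCloseCallbacks) {
                callbacks = new ArrayList<>(onCloseCallbacks);
            }
            for (Consumer<CmsSession> onClose : callbacks) {
                try {
                    onClose.accept(this);
                } catch (RuntimeException e) {
                    // One failing callback must not prevent the others, nor the logout.
                    log.warn("On-close callback failed for CMS session " + uuid + ": " + e);
                }
            }
        } finally {
            logoutSubject();
        }
        // NOTE(review): toString() includes the local session id; confirm that it is
        // acceptable for this identifier to be readable in debug logs.
        log.debug("Closed " + this);
    }

    /** Logs the subject out of its login context and drops the reference to it. */
    private void logoutSubject() {
        try {
            LoginContext lc;
            if (isAnonymous()) {
                lc = CmsAuth.ANONYMOUS.newLoginContext(getSubject());
            } else {
                lc = CmsAuth.USER.newLoginContext(getSubject());
            }
            lc.logout();
        } catch (LoginException e) {
            // Identify the session by DN and UUID rather than by the Subject itself:
            // Subject.toString() renders the principals and the credentials it holds,
            // which do not belong in a log file.
            log.warn("Could not logout " + userDn + " (CMS session " + uuid + "): " + e);
        } finally {
            subject = null;
        }
    }

    /**
     * Registers a callback to be notified when this session is closed.
     *
     * @param onClose the callback, which receives this session
     */
    @Override
    public void addOnCloseCallback(Consumer<CmsSession> onClose) {
        onCloseCallbacks.add(onClose);
    }

    /**
     * Returns the JAAS subject of this session. No validity check is performed.
     *
     * @return the subject, or {@code null} once the session has been closed
     */
    public Subject getSubject() {
        return subject;
    }

    /** @return {@code true} as long as the session has not been closed */
    @Override
    public boolean isValid() {
        return !isClosed();
    }

    /**
     * Rejects access to a closed session.
     *
     * @throws IllegalStateException if the session is not valid anymore
     */
    private void checkValid() {
        if (!isValid()) {
            throw new IllegalStateException("CMS session " + uuid + " is not valid since " + end);
        }
    }

    /** @return {@code true} if an end time has been recorded */
    protected final boolean isClosed() {
        return getEnd() != null;
    }

    /**
     * Returns the authorization of the user of this session.
     *
     * @return the authorization
     * @throws IllegalStateException if the session has been closed
     */
    public Authorization getAuthorization() {
        checkValid();
        return authorization;
    }

    /** @return the string representation of the authorization */
    @Override
    public String getDisplayName() {
        return authorization.toString();
    }

    /** @return the identifier of this session */
    @Override
    public UUID getUuid() {
        return uuid;
    }

    /**
     * @return the name of the authorization, or
     *         {@link CmsConstants#ROLE_ANONYMOUS} for an anonymous session
     */
    @Override
    public String getUserDn() {
        return userDn;
    }

    /**
     * Returns the user name normalised as an X.500 distinguished name.
     *
     * @return the name as formatted by {@link X500Principal#getName()}
     * @throws IllegalArgumentException if the name is not a valid X.500 name
     */
    @Override
    public String getUserRole() {
        // An anonymous session has no authorization name, and X500Principal rejects
        // null; fall back on the DN chosen at construction time.
        // NOTE(review): assumes CmsConstants.ROLE_ANONYMOUS is a valid X.500 name -- confirm.
        String authorizedName = authorization.getName();
        return new X500Principal(authorizedName != null ? authorizedName : userDn).getName();
    }

    /** @return the identifier of the underlying local session */
    @Override
    public String getLocalId() {
        return localSessionId;
    }

    /** @return {@code true} if the authorization had no name at creation time */
    @Override
    public boolean isAnonymous() {
        return anonymous;
    }

    /** @return the locale given at creation time */
    @Override
    public Locale getLocale() {
        return locale;
    }

    /** @return the time at which this object was created */
    @Override
    public ZonedDateTime getCreationTime() {
        return creationTime;
    }

    /** @return the time at which the session was closed, or {@code null} if it is still open */
    @Override
    public ZonedDateTime getEnd() {
        return end;
    }

    /**
     * Attaches a view to this session under a unique identifier.
     *
     * @param uid  the identifier of the view
     * @param view the view
     * @throws IllegalStateException    if the session has been closed
     * @throws IllegalArgumentException if a view is already registered under
     *                                  {@code uid}
     */
    @Override
    public void registerView(String uid, Object view) {
        checkValid();
        if (views.containsKey(uid)) {
            throw new IllegalArgumentException("View " + uid + " is already registered.");
        }
        views.put(uid, view);
    }

    @Override
    public String toString() {
        return "CMS Session " + userDn + " localId=" + localSessionId + ", uuid=" + uuid;
    }
}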