MapUserSessionAdapter.java
/*
* Copyright 2021 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.models.map.userSession;
import org.keycloak.common.util.Time;
import org.keycloak.models.AuthenticatedClientSessionModel;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ModelIllegalStateException;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.UserSessionModel;
import org.keycloak.models.map.common.TimeAdapter;
import java.util.Collection;
import java.util.Collections;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.stream.Collectors;
import static org.keycloak.models.map.common.ExpirationUtils.isExpired;
import static org.keycloak.models.map.userSession.SessionExpiration.setUserSessionExpiration;
/**
* @author <a href="mailto:mkanis@redhat.com">Martin Kanis</a>
*/
public class MapUserSessionAdapter extends AbstractUserSessionModel {
private final UserModel user;
public MapUserSessionAdapter(KeycloakSession session, RealmModel realm, UserModel userModel, MapUserSessionEntity entity) {
super(session, realm, entity);
this.user = userModel;
}
@Override
public String getId() {
return entity.getId();
}
@Override
public RealmModel getRealm() {
return realm;
}
@Override
public String getBrokerSessionId() {
return entity.getBrokerSessionId();
}
@Override
public String getBrokerUserId() {
return entity.getBrokerUserId();
}
@Override
public UserModel getUser() {
return this.user;
}
@Override
public String getLoginUsername() {
return entity.getLoginUsername();
}
@Override
public String getIpAddress() {
return entity.getIpAddress();
}
@Override
public String getAuthMethod() {
return entity.getAuthMethod();
}
@Override
public boolean isRememberMe() {
Boolean rememberMe = entity.isRememberMe();
return rememberMe != null ? rememberMe : false;
}
@Override
public int getStarted() {
Long started = entity.getTimestamp();
return started != null ? TimeAdapter.fromLongWithTimeInSecondsToIntegerWithTimeInSeconds(TimeAdapter.fromMilliSecondsToSeconds(started)) : 0;
}
@Override
public int getLastSessionRefresh() {
Long lastSessionRefresh = entity.getLastSessionRefresh();
return lastSessionRefresh != null ? TimeAdapter.fromLongWithTimeInSecondsToIntegerWithTimeInSeconds(TimeAdapter.fromMilliSecondsToSeconds(lastSessionRefresh)) : 0;
}
@Override
public void setLastSessionRefresh(int seconds) {
entity.setLastSessionRefresh(TimeAdapter.fromSecondsToMilliseconds(seconds));
// whenever the lastSessionRefresh is changed recompute the expiration time
setUserSessionExpiration(entity, realm);
}
@Override
public boolean isOffline() {
Boolean offline = entity.isOffline();
return offline != null ? offline : false;
}
@Override
public Map<String, AuthenticatedClientSessionModel> getAuthenticatedClientSessions() {
Set<MapAuthenticatedClientSessionEntity> authenticatedClientSessions = entity.getAuthenticatedClientSessions();
if (authenticatedClientSessions == null) {
return Collections.emptyMap();
}
return authenticatedClientSessions
.stream()
.filter(this::filterAndRemoveExpiredClientSessions)
.filter(this::matchingOfflineFlag)
.filter(this::filterAndRemoveClientSessionWithoutClient)
.collect(Collectors.toMap(MapAuthenticatedClientSessionEntity::getClientId, this::clientSessionEntityToModel));
}
private AuthenticatedClientSessionModel clientSessionEntityToModel(MapAuthenticatedClientSessionEntity clientSessionEntity) {
return new MapAuthenticatedClientSessionAdapter(session, realm, this, clientSessionEntity) {
@Override
public void detachFromUserSession() {
MapUserSessionAdapter.this.entity.removeAuthenticatedClientSession(entity.getClientId());
this.userSession = null;
}
};
}
public boolean filterAndRemoveExpiredClientSessions(MapAuthenticatedClientSessionEntity clientSession) {
try {
if (isExpired(clientSession, false)) {
entity.removeAuthenticatedClientSession(clientSession.getClientId());
return false;
}
} catch (ModelIllegalStateException ex) {
entity.removeAuthenticatedClientSession(clientSession.getClientId());
return false;
}
return true;
}
public boolean filterAndRemoveClientSessionWithoutClient(MapAuthenticatedClientSessionEntity clientSession) {
ClientModel client = realm.getClientById(clientSession.getClientId());
if (client == null) {
entity.removeAuthenticatedClientSession(clientSession.getId());
// Filter out entities that doesn't have client
return false;
}
// client session has client so we do not filter it out
return true;
}
public boolean matchingOfflineFlag(MapAuthenticatedClientSessionEntity clientSession) {
Boolean isClientSessionOffline = clientSession.isOffline();
// If client session doesn't have offline flag default to false
if (isClientSessionOffline == null) {
return !isOffline();
}
return isOffline() == isClientSessionOffline;
}
@Override
public AuthenticatedClientSessionModel getAuthenticatedClientSessionByClient(String clientUUID) {
return entity.getAuthenticatedClientSession(clientUUID)
.filter(this::filterAndRemoveExpiredClientSessions)
.filter(this::matchingOfflineFlag)
.filter(this::filterAndRemoveClientSessionWithoutClient)
.map(this::clientSessionEntityToModel)
.orElse(null);
}
@Override
public void removeAuthenticatedClientSessions(Collection<String> removedClientUKS) {
removedClientUKS.forEach(entity::removeAuthenticatedClientSession);
}
@Override
public String getNote(String name) {
return (name != null) ? entity.getNote(name) : null;
}
@Override
public void setNote(String name, String value) {
if (name != null) {
if (value == null) {
entity.removeNote(name);
} else {
entity.setNote(name, value);
}
}
}
@Override
public void removeNote(String name) {
if (name != null) {
entity.removeNote(name);
}
}
@Override
public Map<String, String> getNotes() {
Map<String, String> notes = entity.getNotes();
return notes == null ? Collections.emptyMap() : Collections.unmodifiableMap(notes);
}
@Override
public State getState() {
return entity.getState();
}
@Override
public void setState(State state) {
entity.setState(state);
}
@Override
public void restartSession(RealmModel realm, UserModel user, String loginUsername, String ipAddress, String authMethod,
boolean rememberMe, String brokerSessionId, String brokerUserId) {
entity.setRealmId(realm.getId());
entity.setUserId(user.getId());
entity.setLoginUsername(loginUsername);
entity.setIpAddress(ipAddress);
entity.setAuthMethod(authMethod);
entity.setRememberMe(rememberMe);
entity.setBrokerSessionId(brokerSessionId);
entity.setBrokerUserId(brokerUserId);
long currentTime = Time.currentTimeMillis();
entity.setTimestamp(currentTime);
entity.setLastSessionRefresh(currentTime);
entity.setState(null);
String correspondingSessionId = entity.getNote(CORRESPONDING_SESSION_ID);
entity.setNotes(new ConcurrentHashMap<>());
if (correspondingSessionId != null) {
entity.setNote(CORRESPONDING_SESSION_ID, correspondingSessionId);
}
entity.clearAuthenticatedClientSessions();
}
@Override
public String toString() {
return String.format("%s@%08x", getId(), hashCode());
}
@Override
public boolean equals(Object o) {
if (this == o) {
return true;
}
if (!(o instanceof UserSessionModel)) {
return false;
}
UserSessionModel that = (UserSessionModel) o;
return Objects.equals(that.getId(), getId());
}
@Override
public int hashCode() {
return getId().hashCode();
}
}