package org.openslx.imagemaster.session;
import java.sql.SQLException;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.TimeUnit;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.openslx.bwlp.thrift.iface.ClientSessionData;
import org.openslx.bwlp.thrift.iface.Satellite;
import org.openslx.bwlp.thrift.iface.TAuthorizationException;
import org.openslx.bwlp.thrift.iface.TNotFoundException;
import org.openslx.bwlp.thrift.iface.UserInfo;
import org.openslx.imagemaster.db.mappers.DbSatellite;
import org.openslx.imagemaster.util.Hash;
import org.openslx.util.QuickTimer;
import org.openslx.util.QuickTimer.Task;
/**
* Class for managing active user sessions. This class and all its function are
* (supposed to be) thread-safe.
*/
public class SessionManager
{
private static Logger log = LogManager.getLogger( SessionManager.class );
// Map of currently known sessions
private static final Map<String, Session> sessions = new LinkedHashMap<>();
// Map of pending "access code -> session" lookups
private static final Map<String, AccessCode> accessCodes = new ConcurrentHashMap<>();
public static ClientSessionData addSession( Session session )
{
final String authToken = Hash.md5( UUID.randomUUID().toString() );
final String sessionId = Hash.sha256( UUID.randomUUID().toString() );
synchronized ( sessions ) {
sessions.put( authToken, session );
sessions.put( sessionId, session );
}
UserInfo ui = session.getUserInfo();
List<Satellite> sats;
try {
sats = DbSatellite.getSatellites( ui );
} catch ( SQLException e ) {
sats = null;
}
return new ClientSessionData( sessionId, authToken, sats, ui );
}
public static ClientSessionData addSession( Session session, String accessToken )
{
ClientSessionData s = addSession( session );
if ( accessToken != null ) {
accessCodes.put( accessToken, new AccessCode( s, null ) );
}
return s;
}
public static void addAuthError( TAuthorizationException ex, String accessToken )
{
if ( accessToken == null )
return;
accessCodes.put( accessToken, new AccessCode( null, ex ) );
}
static {
QuickTimer.scheduleAtFixedDelay( new Task() {
@Override
public void fire()
{
synchronized ( sessions ) {
Iterator<Session> it = sessions.values().iterator();
while ( it.hasNext() ) {
final Session s = it.next();
if ( s.timedOut() ) {
it.remove();
}
}
}
Iterator<AccessCode> it = accessCodes.values().iterator();
while ( it.hasNext() ) {
final AccessCode s = it.next();
if ( s.timedOut() ) {
it.remove();
}
}
}
}, 123, TimeUnit.MINUTES.toMillis( 13 ) );
}
/**
* Get from userToken, known to satellite servers.
*/
public static Session getSessionFromToken( String token )
{
if ( token == null || token.length() != 32 ) {
log.debug( "invalid token format: " + token );
return null;
}
final Session session;
synchronized ( sessions ) {
session = sessions.get( token );
}
if ( session == null || session.timedOut() ) {
return null;
}
return session;
}
/**
* Get from sessionId, only known by client/user and us.
*/
public static Session getSessionFromSessionId( String sessionId )
{
if ( sessionId == null || sessionId.length() != 64 ) {
log.debug( "invalid sessionid format: " + sessionId );
return null;
}
final Session session;
synchronized ( sessions ) {
session = sessions.get( sessionId );
}
if ( session == null || session.timedOut() ) {
return null;
}
session.refresh();
return session;
}
public static Session getSessionFromSessionIdOrToken( String sessionId )
{
final Session session;
synchronized ( sessions ) {
session = sessions.get( sessionId );
}
if ( session == null || session.timedOut() ) {
return null;
}
return session;
}
public static void invalidate( String sessionId )
{
if ( sessionId == null || sessionId.length() != 64 ) {
log.debug( "invalidate: invalid sessionid format: " + sessionId );
return;
}
synchronized ( sessions ) {
Session session = sessions.get( sessionId );
if ( session != null ) {
session.invalidate();
}
}
}
/**
* Get the according session data (satToken, masterToken) for given access code, which was
* supplied by the client earlier. This can only be done once; retrieving the session will remove
* the entry from the lookup table.
*/
public static ClientSessionData getSessionFromAccessCode( String accessCode )
throws TNotFoundException, TAuthorizationException
{
AccessCode data = accessCodes.remove( accessCode );
if ( data == null )
throw new TNotFoundException();
if ( data.ex != null )
throw data.ex;
return data.clientSession;
}
}