2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package org.openecomp.sdc.securityutil;
23 import org.openecomp.sdc.securityutil.filters.SessionValidationFilter;
24 import org.slf4j.Logger;
25 import org.slf4j.LoggerFactory;
27 import javax.servlet.http.Cookie;
28 import java.io.IOException;
30 public class AuthenticationCookieUtils {
32 private static final Logger log = LoggerFactory.getLogger(SessionValidationFilter.class.getName());
35 * Update given cookie session time value to current time
38 * @param filterConfiguration
40 * @throws CipherUtilException
43 public static Cookie updateSessionTime(Cookie cookie, ISessionValidationFilterConfiguration filterConfiguration) throws CipherUtilException, IOException {
44 AuthenticationCookie authenticationCookie = getAuthenticationCookie(cookie, filterConfiguration);
45 long newTime = System.currentTimeMillis();
46 log.debug("SessionValidationFilter: Going to set new session time in cookie, old value: {}, new value: {}", authenticationCookie.getCurrentSessionTime(), newTime);
47 authenticationCookie.setCurrentSessionTime(newTime);
48 String encryptedCookie = getEncryptedCookie(authenticationCookie, filterConfiguration);
49 return createUpdatedCookie(cookie, encryptedCookie, filterConfiguration);
53 * Create new Cookie object with same attributes as original cookie
55 * @param encryptedCookie
56 * @param cookieConfiguration
59 public static Cookie createUpdatedCookie(Cookie cookie, String encryptedCookie, ISessionValidationCookieConfiguration cookieConfiguration) {
60 Cookie updatedCookie = new Cookie(cookie.getName(), encryptedCookie );
61 updatedCookie.setPath(cookieConfiguration.getCookiePath());
62 updatedCookie.setDomain(cookieConfiguration.getCookieDomain());
63 updatedCookie.setHttpOnly(cookieConfiguration.isCookieHttpOnly());
68 * Convert AuthenticationCookie to JSON and encrypt with given key
70 * @param authenticationCookie
71 * @param filterConfiguration
74 * @throws CipherUtilException
76 public static String getEncryptedCookie(AuthenticationCookie authenticationCookie, ISessionValidationFilterConfiguration filterConfiguration) throws IOException, CipherUtilException {
77 String changedCookieJson = RepresentationUtils.toRepresentation(authenticationCookie);
78 return CipherUtil.encryptPKC(changedCookieJson, filterConfiguration.getSecurityKey());
82 * Decrypt given Cookie to JSON and convert to AuthenticationCookie object
85 * @param filterConfiguration
87 * @throws CipherUtilException
89 public static AuthenticationCookie getAuthenticationCookie(Cookie cookie, ISessionValidationFilterConfiguration filterConfiguration) throws CipherUtilException {
90 String originalCookieJson = CipherUtil.decryptPKC(cookie.getValue(), filterConfiguration.getSecurityKey());
91 return RepresentationUtils.fromRepresentation(originalCookieJson, AuthenticationCookie.class);
95 * session expired if session was idle or max time reached
98 * @param filterConfiguration
100 * @throws CipherUtilException
102 public static boolean isSessionExpired(Cookie cookie, ISessionValidationFilterConfiguration filterConfiguration) throws CipherUtilException {
103 AuthenticationCookie authenticationCookie = getAuthenticationCookie(cookie, filterConfiguration);
104 long sessionExpirationDate = authenticationCookie.getMaxSessionTime() + filterConfiguration.getMaxSessionTimeOut();
105 long sessionTime = authenticationCookie.getCurrentSessionTime();
106 long currentTime = System.currentTimeMillis();
107 log.debug("SessionValidationFilter: Checking if session expired: session time: {}, expiration time: {}, current time: {}", sessionTime, sessionExpirationDate, currentTime);
108 return currentTime > sessionExpirationDate || isSessionIdle(sessionTime, currentTime, filterConfiguration);
112 * Session is idle if wasn't updated ( wasn't in use ) for more then value from filter configuration
114 * @param sessionTimeValue
116 * @param filterConfiguration
119 public static boolean isSessionIdle(long sessionTimeValue, long currentTime, ISessionValidationFilterConfiguration filterConfiguration) {
120 long currentIdleTime = currentTime - sessionTimeValue;
121 long maxIdleTime = filterConfiguration.getSessionIdleTimeOut();
122 log.debug("SessionValidationFilter: Checking if session idle: session time: {}, current idle time: {}, max idle time: {}", currentTime, currentIdleTime, maxIdleTime);
123 return currentIdleTime >= maxIdleTime;