ecomp-portal-BE-common/src/main/java/org/openecomp/portalapp/util/SessionCookieUtil.java

   1 /*-
   2  * ================================================================================
   3  * ECOMP Portal
   4  * ================================================================================
   5  * Copyright (C) 2017 AT&T Intellectual Property
   6  * ================================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *      http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ================================================================================
  19  */
  20 package org.openecomp.portalapp.util;
  21
  22 import javax.servlet.http.Cookie;
  23 import javax.servlet.http.HttpServletRequest;
  24 import javax.servlet.http.HttpServletResponse;
  25 import javax.servlet.http.HttpSession;
  26
  27 import org.openecomp.portalapp.portal.utils.EPCommonSystemProperties;
  28 import org.openecomp.portalapp.portal.utils.EcompPortalUtils;
  29 import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate;
  30 import org.openecomp.portalsdk.core.onboarding.util.PortalApiConstants;
  31 import org.openecomp.portalsdk.core.onboarding.listener.PortalTimeoutHandler;
  32 import org.openecomp.portalsdk.core.onboarding.util.CipherUtil;
  33 import org.openecomp.portalsdk.core.util.SystemProperties;
  34 import org.openecomp.portalsdk.core.web.support.AppUtils;
  35
  36 public class SessionCookieUtil {
  37
  38         //private static final String JSESSIONID = "JSESSIONID";
  39         private static final String EP_SERVICE = "EPService";
  40         private static final String USER_ID = "UserId";
  41         private static Integer cookieMaxAge = -1;
  42         private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SessionCookieUtil.class);
  43
  44         public static void preSetUp(HttpServletRequest request,
  45                         HttpServletResponse response) {
  46                 initateSessionMgtHandler(request);
  47                 //set up EPService cookie
  48                 setUpEPServiceCookie(request, response);
  49         }
  50
  51         public static void setUpEPServiceCookie(HttpServletRequest request,
  52                         HttpServletResponse response) {
  53                 String jSessionId = getJessionId(request);
  54                 Cookie cookie1 = new Cookie(EP_SERVICE, jSessionId);
  55                 cookie1.setMaxAge(cookieMaxAge);
  56                 cookie1.setDomain(EPCommonSystemProperties.getProperty(EPCommonSystemProperties.COOKIE_DOMAIN));
  57                 cookie1.setPath("/");
  58                 response.addCookie(cookie1);
  59         }
  60
  61         public static void setUpUserIdCookie(HttpServletRequest request,
  62                         HttpServletResponse response,String userId) throws Exception {
  63                 logger.info("************** session cookie util set up UserId cookie begins");
  64                 userId = CipherUtil.encrypt(userId,
  65                                 SystemProperties.getProperty(SystemProperties.Decryption_Key));
  66                 Cookie cookie1 = new Cookie(USER_ID, userId);
  67                 cookie1.setMaxAge(cookieMaxAge);
  68                 cookie1.setDomain(EPCommonSystemProperties.getProperty(EPCommonSystemProperties.COOKIE_DOMAIN));
  69                 cookie1.setPath("/");
  70                 response.addCookie(cookie1);
  71                 logger.info("************** session cookie util set up EP cookie completed");
  72         }
  73
  74         public static String getUserIdFromCookie(HttpServletRequest request,
  75                         HttpServletResponse response) throws Exception {
  76                 String userId = "";
  77                 Cookie[] cookies = request.getCookies();
  78                 Cookie userIdcookie = null;
  79                 if (cookies != null)
  80                         for (Cookie cookie : cookies)
  81                                 if (cookie.getName().equals(USER_ID))
  82                                         userIdcookie = cookie;
  83                 if(userIdcookie!=null){
  84                         userId = CipherUtil.decrypt(userIdcookie.getValue(),
  85                                         SystemProperties.getProperty(SystemProperties.Decryption_Key));
  86                 }
  87
  88                 logger.info("************** session cookie util set up EP cookie completed");
  89                 return userId;
  90         }
  91
  92         public static String getJessionId(HttpServletRequest request){
  93
  94                 return request.getSession().getId();
  95                 /*
  96                 Cookie ep = WebUtils.getCookie(request, JSESSIONID);
  97                 if(ep==null){
  98                         return request.getSession().getId();
  99                 }
 100                 return ep.getValue();
 101                 */
 102         }
 103
 104         protected static void initateSessionMgtHandler(HttpServletRequest request) {
 105                 String jSessionId = getJessionId(request);
 106                 storeMaxInactiveTime(request);
 107                 PortalTimeoutHandler.sessionCreated(jSessionId, jSessionId, AppUtils.getSession(request));
 108         }
 109
 110         protected static void storeMaxInactiveTime(HttpServletRequest request) {
 111                 HttpSession session = AppUtils.getSession(request);
 112                 if(session.getAttribute(PortalApiConstants.GLOBAL_SESSION_MAX_IDLE_TIME) == null)
 113                         session.setAttribute(PortalApiConstants.GLOBAL_SESSION_MAX_IDLE_TIME,session.getMaxInactiveInterval());
 114         }
 115
 116         public static void resetSessionMaxIdleTimeOut(HttpServletRequest request) {
 117                 try {
 118                         HttpSession session = AppUtils.getSession(request);
 119                         final Object maxIdleAttribute = session.getAttribute(PortalApiConstants.GLOBAL_SESSION_MAX_IDLE_TIME);
 120                         if(session != null && maxIdleAttribute != null) {
 121                                 session.setMaxInactiveInterval(Integer.parseInt(maxIdleAttribute.toString()));
 122                         }
 123                 } catch (Exception e) {
 124                         logger.error(EELFLoggerDelegate.errorLogger, "Could not reset the session timeout. Details: " + EcompPortalUtils.getStackTrace(e));
 125                 }
 126
 127         }
 128
 129 }