/**
 * Builds the session store used for the current request.
 *
 * <p>The store is a {@link CatalinaSamlSessionStore} wired with this instance's
 * session-management, principal-factory and id-mapper collaborators plus the
 * per-request objects passed in.
 *
 * @param request the container request being processed
 * @param facade the HTTP facade wrapping that request
 * @param resolvedDeployment the SAML deployment resolved for this request
 * @return a new session store bound to the given request
 */
protected SamlSessionStore createSessionStore(Request request, HttpFacade facade, SamlDeployment resolvedDeployment) {
    return new CatalinaSamlSessionStore(
            userSessionManagement,
            createPrincipalFactory(),
            mapper,
            idMapperUpdater,
            request,
            this,
            facade,
            resolvedDeployment);
}
/**
 * Returns the SAML account stored in the HTTP session, if any.
 *
 * <p>The account is looked up under the attribute key
 * {@code SamlSession.class.getName()}, the same key {@code saveAccount} writes.
 *
 * @return the stored {@link SamlSession}, or {@code null} when the attribute is absent
 */
@Override
public SamlSession getAccount() {
    // NOTE(review): getSession(true) presumably creates a session when none exists,
    // so an unauthenticated lookup may still allocate one - confirm against getSession.
    HttpSession httpSession = getSession(true);
    Object stored = httpSession.getAttribute(SamlSession.class.getName());
    return (SamlSession) stored;
}
/**
 * Logs out every session the id mapper has recorded for the given principal.
 *
 * <p>Does nothing when the mapper returns {@code null} for the principal.
 *
 * @param principal the principal name whose sessions should be terminated
 */
@Override
public void logoutByPrincipal(String principal) {
    Set<String> userSessions = idMapper.getUserSessions(principal);
    if (userSessions == null) {
        return;
    }

    // Work on a private copy: the mapper entries are removed below while we iterate.
    List<String> sessionIds = new LinkedList<String>(userSessions);
    logoutSessionIds(sessionIds);
    for (String sessionId : sessionIds) {
        idMapperUpdater.removeSession(idMapper, sessionId);
    }
}
/**
 * Stores the authenticated SAML account in the session and binds a principal to
 * both the session and the current request.
 *
 * <p>Steps, in order: store the account under {@code SamlSession.class.getName()};
 * create and attach a principal if the session has none; set the request's
 * principal and auth type; call {@code changeSessionId}; register the resulting
 * id in the id mapper against the account's session index and SAML subject.
 *
 * @param account the SAML session produced by a successful login
 */
@Override
public void saveAccount(SamlSession account) {
    final String authType = "KEYCLOAK-SAML";

    Session catalinaSession = request.getSessionInternal(true);
    catalinaSession.getSession().setAttribute(SamlSession.class.getName(), account);

    GenericPrincipal sessionPrincipal = (GenericPrincipal) catalinaSession.getPrincipal();
    // in clustered environment in JBossWeb, principal is not serialized or saved
    if (sessionPrincipal == null) {
        sessionPrincipal = principalFactory.createPrincipal(
                request.getContext().getRealm(),
                account.getPrincipal(),
                account.getRoles());
        catalinaSession.setPrincipal(sessionPrincipal);
        catalinaSession.setAuthType(authType);
    }

    request.setUserPrincipal(sessionPrincipal);
    request.setAuthType(authType);

    // NOTE(review): changeSessionId presumably rotates the container session id after
    // authentication (session-fixation defence) - confirm against its definition.
    // The mapper must be given the id returned here, not the pre-login one.
    String rotatedId = changeSessionId(catalinaSession);
    idMapperUpdater.map(
            idMapper,
            account.getSessionIndex(),
            account.getPrincipal().getSamlSubject(),
            rotatedId);
}
/**
 * Clears the saved redirect URI from the session and asks the valve to restore
 * the previously saved request.
 *
 * @return whatever {@code valve.keycloakRestoreRequest(request)} reports
 */
@Override
public boolean restoreRequest() {
    HttpSession httpSession = getSession(true);
    // The redirect URI is removed before the valve is asked to restore the request.
    httpSession.removeAttribute(SAML_REDIRECT_URI);
    boolean restored = valve.keycloakRestoreRequest(request);
    return restored;
}
/**
 * Logs out the local sessions mapped to the given SSO ids.
 *
 * <p>SSO ids the mapper does not know are skipped without error. Each resolved
 * session is removed from the mapper first; the collected ids are then passed
 * to {@code logoutSessionIds} in one call.
 *
 * @param ssoIds SSO ids to terminate; {@code null} is treated as "nothing to do"
 */
@Override
public void logoutBySsoId(List<String> ssoIds) {
    if (ssoIds == null) {
        return;
    }

    List<String> resolvedSessionIds = new LinkedList<String>();
    for (String ssoId : ssoIds) {
        String mappedSessionId = idMapper.getSessionFromSSO(ssoId);
        if (mappedSessionId == null) {
            // No local session is recorded for this SSO id.
            continue;
        }
        resolvedSessionIds.add(mappedSessionId);
        idMapperUpdater.removeSession(idMapper, mappedSessionId);
    }

    logoutSessionIds(resolvedSessionIds);
}
/**
 * Saves the current request through the valve and remembers its URI in the
 * session under {@code SAML_REDIRECT_URI}.
 *
 * @throws RuntimeException wrapping the {@link IOException} if the valve fails
 *     to save the request; the session attribute is not written in that case
 */
@Override
public void saveRequest() {
    try {
        valve.keycloakSaveRequest(request);
    } catch (IOException e) {
        // Keep the cause so the I/O failure stays diagnosable upstream.
        throw new RuntimeException(e);
    }

    // The stored value is the URI of the incoming request; getRedirectUri() later
    // returns it as-is.
    HttpSession httpSession = getSession(true);
    httpSession.setAttribute(SAML_REDIRECT_URI, facade.getRequest().getURI());
}
/**
 * Logs out the account bound to the current request's session.
 *
 * <p>Returns immediately when the request has no session. Otherwise it removes
 * the stored {@link SamlSession} and the saved redirect URI from the HTTP
 * session, clears the principal and auth type on the container session, and
 * passes the session id to {@code logoutSessionIds}. The session id is only
 * collected (and unmapped) when the stored account has a non-null session index.
 */
@Override
public void logoutAccount() {
    Session catalinaSession = request.getSessionInternal(false);
    if (catalinaSession == null) {
        return;
    }

    HttpSession httpSession = catalinaSession.getSession();
    List<String> sessionIdsToLogout = new LinkedList<String>();
    if (httpSession != null) {
        SamlSession account = (SamlSession) httpSession.getAttribute(SamlSession.class.getName());
        if (account != null) {
            if (account.getSessionIndex() != null) {
                sessionIdsToLogout.add(httpSession.getId());
                idMapperUpdater.removeSession(idMapper, httpSession.getId());
            }
            httpSession.removeAttribute(SamlSession.class.getName());
        }
        // The saved redirect target is dropped whether or not an account was stored.
        httpSession.removeAttribute(SAML_REDIRECT_URI);
    }

    // Authentication state on the container session is cleared even when there
    // was no HTTP session or no stored account.
    catalinaSession.setPrincipal(null);
    catalinaSession.setAuthType(null);
    logoutSessionIds(sessionIdsToLogout);
}
/**
 * Returns the URI the user should be sent to after authentication.
 *
 * <p>If the session holds a value under {@code SAML_REDIRECT_URI} it is returned
 * unchanged. Otherwise a target is computed by {@code SamlUtil.getRedirectTo}
 * from the context path and a base URI derived from the request URL with its
 * path replaced by the context path.
 *
 * @return the saved redirect URI, or the computed fallback when none is saved
 */
@Override
public String getRedirectUri() {
    String savedRedirect = (String) getSession(true).getAttribute(SAML_REDIRECT_URI);
    if (savedRedirect != null) {
        // NOTE(review): in the code visible here only saveRequest() writes this
        // attribute, from the incoming request's URI - confirm no other writer exists.
        return savedRedirect;
    }

    String contextPath = request.getContextPath();
    String requestUrl = request.getRequestURL().toString();
    String baseUri = KeycloakUriBuilder.fromUri(requestUrl)
            .replacePath(contextPath)
            .build()
            .toString();
    return SamlUtil.getRedirectTo(facade, contextPath, baseUri);
}