private SessionInfo RenewSession(string tokenId, bool bypassCache = false) { try { if (bypassCache) { using (new ResponseCacheBypassScope()) { return(DoRenewSession(tokenId, false)); } } return(DoRenewSession(tokenId, false)); } catch (FaultException <InvalidUserSessionException> ex) { SessionCache.Instance.RemoveSession(tokenId); throw new SessionValidationException(ex.Detail); } catch (FaultException <UserAccessDeniedException> ex) { SessionCache.Instance.RemoveSession(tokenId); throw new SessionValidationException(ex.Detail); } catch (Exception ex) { //TODO: for now we can't distinguish communicate errors and credential validation errors. // All exceptions are treated the same: we can't verify the login. var e = new SessionValidationException(ex); throw e; } }
public SessionToken Renew(string tokenId) { SessionInfo sessionInfo = SessionCache.Instance.Find(tokenId); if (sessionInfo == null) { throw new Exception(String.Format("Unexpected error: session {0} does not exist in the cache", tokenId)); } var request = new ValidateSessionRequest(sessionInfo.Credentials.UserName, sessionInfo.Credentials.SessionToken) { GetAuthorizations = true }; try { SessionToken newToken = null; Platform.GetService( delegate(IAuthenticationService service) { DateTime originalExpiryTime = sessionInfo.Credentials.SessionToken.ExpiryTime; ValidateSessionResponse response = service.ValidateSession(request); // update session info string id = response.SessionToken.Id; newToken = SessionCache.Instance.Renew(id, response.SessionToken.ExpiryTime); if (Platform.IsLogLevelEnabled(LogLevel.Debug)) { Platform.Log(LogLevel.Debug, "Session {0} for {1} is renewed. Valid until {2}", id, sessionInfo.Credentials.UserName, newToken.ExpiryTime); if (originalExpiryTime == newToken.ExpiryTime) { Platform.Log(LogLevel.Warn, "Session expiry time is not changed. Is it cached?"); } } }); return(newToken); } catch (FaultException <InvalidUserSessionException> ex) { throw new SessionValidationException(ex.Detail); } catch (FaultException <UserAccessDeniedException> ex) { throw new SessionValidationException(ex.Detail); } catch (Exception ex) { //TODO: for now we can't distinguish communicate errors and credential validation errors. // All exceptions are treated the same: we can't verify the login. var e = new SessionValidationException(ex); throw e; } }
public SessionInfo VerifySession(string userId, string sessionTokenId) { SessionInfo sessionInfo = SessionCache.Instance.Find(sessionTokenId); if (sessionInfo != null) { return(sessionInfo); } // Session does not exist in the cache. // Go to the server to see if the session exists // It may var request = new ValidateSessionRequest(userId, new SessionToken(sessionTokenId)) { GetAuthorizations = true, ValidateOnly = false // load the tokens too since we don't know anything about session yet }; try { using (new ResponseCacheBypassScope()) //bypass the response cache { Platform.GetService( delegate(IAuthenticationService service) { ValidateSessionResponse response = service.ValidateSession(request); sessionInfo = new SessionInfo(userId, userId, response.SessionToken); SessionCache.Instance.AddSession(sessionTokenId, sessionInfo); sessionInfo.Validate(); }); } return(sessionInfo); } catch (FaultException <InvalidUserSessionException> ex) { SessionCache.Instance.RemoveSession(sessionTokenId); throw new SessionValidationException(ex.Detail); } catch (FaultException <UserAccessDeniedException> ex) { SessionCache.Instance.RemoveSession(sessionTokenId); throw new SessionValidationException(ex.Detail); } catch (Exception ex) { //TODO: for now we can't distinguish communicate errors and credential validation errors. // All exceptions are treated the same: we can't verify the session. var e = new SessionValidationException(ex); throw e; } }
private SessionInfo CheckSession(string tokenId, bool renew) { SessionInfo sessionInfo = SessionCache.Instance.Find(tokenId); if (sessionInfo == null) { throw new Exception(String.Format("Unexpected error: session {0} does not exist in the cache", tokenId)); } var request = new ValidateSessionRequest(sessionInfo.Credentials.UserName, sessionInfo.Credentials.SessionToken) { GetAuthorizations = true, ValidateOnly = !renew }; try { SessionToken newToken = null; Platform.GetService( delegate(IAuthenticationService service) { DateTime originalExpiryTime = sessionInfo.Credentials.SessionToken.ExpiryTime; ValidateSessionResponse response = service.ValidateSession(request); //If we're renewing, might as well renew well before expiry. If we're only validating, //we don't want to force a call to the server unless it's actually expired. var addSeconds = 0.0; if (renew) { //Minor hack - the ImageServer client shows a little bar at the top of the page counting down to session timeout, //and allowing the user to cancel. This timeout value determines when that bar shows up. If, however, the //validate response is being cached, we need to make sure we hit the server - otherwise the bar doesn't go away. double.TryParse(ConfigurationManager.AppSettings.Get("ClientTimeoutWarningMinDuration"), out addSeconds); addSeconds = Math.Max(addSeconds, 30); } if (Platform.Time.AddSeconds(addSeconds) >= response.SessionToken.ExpiryTime) { Platform.Log(LogLevel.Debug, "Session is at or near expiry; bypassing cache."); //The response likely came from the cache, and we want to make sure we get a real validation response. //Note that this only really matters when 2 processes are sharing a session, like ImageServer and Webstation. using (new ResponseCacheBypassScope()) { response = service.ValidateSession(request); } } // update session info string id = response.SessionToken.Id; newToken = SessionCache.Instance.Renew(id, response.SessionToken.ExpiryTime); sessionInfo.Credentials.Authorities = response.AuthorityTokens; sessionInfo.Credentials.SessionToken = newToken; if (Platform.IsLogLevelEnabled(LogLevel.Debug)) { Platform.Log(LogLevel.Debug, "Session {0} for {1} is renewed. Valid until {2}", id, sessionInfo.Credentials.UserName, newToken.ExpiryTime); if (originalExpiryTime == newToken.ExpiryTime) { Platform.Log(LogLevel.Warn, "Session expiry time is not changed. Is it cached?"); } } }); return(sessionInfo); } catch (FaultException <InvalidUserSessionException> ex) { SessionCache.Instance.RemoveSession(tokenId); throw new SessionValidationException(ex.Detail); } catch (FaultException <UserAccessDeniedException> ex) { SessionCache.Instance.RemoveSession(tokenId); throw new SessionValidationException(ex.Detail); } catch (Exception ex) { //TODO: for now we can't distinguish communicate errors and credential validation errors. // All exceptions are treated the same: we can't verify the login. var e = new SessionValidationException(ex); throw e; } }
private SessionInfo CheckSession(string tokenId, bool renew) { SessionInfo sessionInfo = SessionCache.Instance.Find(tokenId); if (sessionInfo == null) { throw new Exception(String.Format("Unexpected error: session {0} does not exist in the cache", tokenId)); } var request = new ValidateSessionRequest(sessionInfo.Credentials.UserName, sessionInfo.Credentials.SessionToken) { GetAuthorizations = true, ValidateOnly = !renew }; try { SessionToken newToken = null; Platform.GetService( delegate(IAuthenticationService service) { DateTime originalExpiryTime = sessionInfo.Credentials.SessionToken.ExpiryTime; ValidateSessionResponse response = service.ValidateSession(request); //If we're renewing, might as well renew well before expiry. If we're only validating, //we don't want to force a call to the server unless it's actually expired. var addSeconds = 0.0; if (renew) { //Minor hack - the ImageServer client shows a little bar at the top of the page counting down to session timeout, //and allowing the user to cancel. This timeout value determines when that bar shows up. If, however, the //validate response is being cached, we need to make sure we hit the server - otherwise the bar doesn't go away. double.TryParse(ConfigurationManager.AppSettings.Get("ClientTimeoutWarningMinDuration"), out addSeconds); addSeconds = Math.Max(addSeconds, 30); } if (Platform.Time.AddSeconds(addSeconds) >= response.SessionToken.ExpiryTime) { Platform.Log(LogLevel.Debug, "Session is at or near expiry; bypassing cache."); //The response likely came from the cache, and we want to make sure we get a real validation response. //Note that this only really matters when 2 processes are sharing a session, like ImageServer and Webstation. using (new ResponseCacheBypassScope()) { response = service.ValidateSession(request); } } // update session info string id = response.SessionToken.Id; newToken = SessionCache.Instance.Renew(id, response.SessionToken.ExpiryTime); sessionInfo.Credentials.Authorities = response.AuthorityTokens; sessionInfo.Credentials.SessionToken = newToken; if (Platform.IsLogLevelEnabled(LogLevel.Debug)) { Platform.Log(LogLevel.Debug, "Session {0} for {1} is renewed. Valid until {2}", id, sessionInfo.Credentials.UserName, newToken.ExpiryTime); if (originalExpiryTime == newToken.ExpiryTime) { Platform.Log(LogLevel.Warn, "Session expiry time is not changed. Is it cached?"); } } }); return sessionInfo; } catch(FaultException<InvalidUserSessionException> ex) { SessionCache.Instance.RemoveSession(tokenId); throw new SessionValidationException(ex.Detail); } catch(FaultException<UserAccessDeniedException> ex) { SessionCache.Instance.RemoveSession(tokenId); throw new SessionValidationException(ex.Detail); } catch(Exception ex) { //TODO: for now we can't distinguish communicate errors and credential validation errors. // All exceptions are treated the same: we can't verify the login. var e = new SessionValidationException(ex); throw e; } }
private SessionInfo RenewSession(string tokenId, bool bypassCache = false) { try { if (bypassCache) { using (new ResponseCacheBypassScope()) { return DoRenewSession(tokenId, false); } } return DoRenewSession(tokenId, false); } catch (FaultException<InvalidUserSessionException> ex) { SessionCache.Instance.RemoveSession(tokenId); throw new SessionValidationException(ex.Detail); } catch (FaultException<UserAccessDeniedException> ex) { SessionCache.Instance.RemoveSession(tokenId); throw new SessionValidationException(ex.Detail); } catch (Exception ex) { //TODO: for now we can't distinguish communicate errors and credential validation errors. // All exceptions are treated the same: we can't verify the login. var e = new SessionValidationException(ex); throw e; } }
private SessionInfo CheckSession(string tokenId, bool renew) { SessionInfo sessionInfo = SessionCache.Instance.Find(tokenId); if (sessionInfo == null) { throw new Exception(String.Format("Unexpected error: session {0} does not exist in the cache", tokenId)); } var request = new ValidateSessionRequest(sessionInfo.Credentials.UserName, sessionInfo.Credentials.SessionToken) { GetAuthorizations = true, ValidateOnly = !renew }; try { SessionToken newToken = null; Platform.GetService( delegate(IAuthenticationService service) { DateTime originalExpiryTime = sessionInfo.Credentials.SessionToken.ExpiryTime; ValidateSessionResponse response = service.ValidateSession(request); //If we're renewing, might as well renew well before expiry. If we're only validating, //we don't want to force a call to the server unless it's actually expired. var addSeconds = renew ? 30 : 0; if (Platform.Time.AddSeconds(addSeconds) >= response.SessionToken.ExpiryTime) { Platform.Log(LogLevel.Info, "Session is at or near expiry; bypassing cache."); //The response likely came from the cache, and we want to make sure we get a real validation response. //Note that this only really matters when 2 processes are sharing a session, like ImageServer and Webstation. using (new ResponseCacheBypassScope()) { response = service.ValidateSession(request); } } // update session info string id = response.SessionToken.Id; newToken = SessionCache.Instance.Renew(id, response.SessionToken.ExpiryTime); sessionInfo.Credentials.Authorities = response.AuthorityTokens; sessionInfo.Credentials.SessionToken = newToken; if (Platform.IsLogLevelEnabled(LogLevel.Debug)) { Platform.Log(LogLevel.Debug, "Session {0} for {1} is renewed. Valid until {2}", id, sessionInfo.Credentials.UserName, newToken.ExpiryTime); if (originalExpiryTime == newToken.ExpiryTime) { Platform.Log(LogLevel.Warn, "Session expiry time is not changed. Is it cached?"); } } }); return sessionInfo; } catch(FaultException<InvalidUserSessionException> ex) { SessionCache.Instance.RemoveSession(tokenId); throw new SessionValidationException(ex.Detail); } catch(FaultException<UserAccessDeniedException> ex) { SessionCache.Instance.RemoveSession(tokenId); throw new SessionValidationException(ex.Detail); } catch(Exception ex) { //TODO: for now we can't distinguish communicate errors and credential validation errors. // All exceptions are treated the same: we can't verify the login. var e = new SessionValidationException(ex); throw e; } }
public SessionToken Renew(string tokenId) { SessionInfo sessionInfo = SessionCache.Instance.Find(tokenId); if (sessionInfo == null) { throw new Exception(String.Format("Unexpected error: session {0} does not exist in the cache", tokenId)); } var request = new ValidateSessionRequest(sessionInfo.Credentials.UserName, sessionInfo.Credentials.SessionToken) { GetAuthorizations = true }; try { SessionToken newToken = null; Platform.GetService( delegate(IAuthenticationService service) { DateTime originalExpiryTime = sessionInfo.Credentials.SessionToken.ExpiryTime; ValidateSessionResponse response = service.ValidateSession(request); // update session info string id = response.SessionToken.Id; newToken= SessionCache.Instance.Renew(id, response.SessionToken.ExpiryTime); if (Platform.IsLogLevelEnabled(LogLevel.Debug)) { Platform.Log(LogLevel.Debug, "Session {0} for {1} is renewed. Valid until {2}", id, sessionInfo.Credentials.UserName, newToken.ExpiryTime); if (originalExpiryTime == newToken.ExpiryTime) { Platform.Log(LogLevel.Warn, "Session expiry time is not changed. Is it cached?"); } } }); return newToken; } catch(FaultException<InvalidUserSessionException> ex) { throw new SessionValidationException(ex.Detail); } catch(FaultException<UserAccessDeniedException> ex) { throw new SessionValidationException(ex.Detail); } catch(Exception ex) { //TODO: for now we can't distinguish communicate errors and credential validation errors. // All exceptions are treated the same: we can't verify the login. var e = new SessionValidationException(ex); throw e; } }
public SessionInfo VerifySession(string userId, string sessionTokenId) { SessionInfo sessionInfo = SessionCache.Instance.Find(sessionTokenId); if (sessionInfo != null) return sessionInfo; // Session does not exist in the cache. // Go to the server to see if the session exists // It may var request = new ValidateSessionRequest(userId, new SessionToken(sessionTokenId)) { GetAuthorizations = true, ValidateOnly = false // load the tokens too since we don't know anything about session yet }; try { using (new ResponseCacheBypassScope()) //bypass the response cache { Platform.GetService( delegate(IAuthenticationService service) { ValidateSessionResponse response = service.ValidateSession(request); sessionInfo = new SessionInfo(userId, userId, response.SessionToken); SessionCache.Instance.AddSession(sessionTokenId, sessionInfo); sessionInfo.Validate(); }); } return sessionInfo; } catch (FaultException<InvalidUserSessionException> ex) { SessionCache.Instance.RemoveSession(sessionTokenId); throw new SessionValidationException(ex.Detail); } catch (FaultException<UserAccessDeniedException> ex) { SessionCache.Instance.RemoveSession(sessionTokenId); throw new SessionValidationException(ex.Detail); } catch (Exception ex) { //TODO: for now we can't distinguish communicate errors and credential validation errors. // All exceptions are treated the same: we can't verify the session. var e = new SessionValidationException(ex); throw e; } }