public override SessionSecurityToken Get(SessionSecurityTokenCacheKey key)
{
if (key == null)
{
throw new ArgumentNullException("key");
}
var token = inner.Get(key);
if (token != null)
{
return(token);
}
var item = tokenCacheRepository.Get(key.ToString());
if (item == null)
{
return(null);
}
token = BytesToToken(item.Token);
// update in-mem cache from database
inner.AddOrUpdate(key, token, item.Expires);
return(token);
}
public override SessionSecurityToken Get(SessionSecurityTokenCacheKey key)
{
Log.DebugFormat("Key: {0}", key);
var token = m_MemoryCache.Get(key);
if (token != null)
{
Log.DebugFormat("Token: {0} - found in memory cache", token.Id);
return(token);
}
var tokenWithExpiry = m_SessionSecurityTokenStore.ReadTokenFromStore(key);
if (tokenWithExpiry == null || tokenWithExpiry.Item2 == null)
{
Log.DebugFormat("Token key: {0} - not in cache", key);
return(null);
}
var expiry = tokenWithExpiry.Item1;
token = tokenWithExpiry.Item2;
Log.DebugFormat("Token: {0} Expiry: {1} - found in persistent cache", token.Id, expiry);
Log.DebugFormat("Refreshing token {0} in memory cache", token.Id);
m_MemoryCache.AddOrUpdate(key, token, expiry);
return(token);
}
/// <summary>
/// Deletes matching cache entries from the MruCache.
/// </summary>
/// <param name="endpointId">Specifies the endpointId for the entries to be deleted.</param>
/// <param name="contextId">Specifies the contextId for the entries to be deleted.</param>
public override void RemoveAll(string endpointId, System.Xml.UniqueId contextId)
{
if (null == contextId || string.IsNullOrEmpty(endpointId))
{
return;
}
Dictionary <SessionSecurityTokenCacheKey, CacheEntry> entriesToDelete = new Dictionary <SessionSecurityTokenCacheKey, CacheEntry>();
SessionSecurityTokenCacheKey key = new SessionSecurityTokenCacheKey(endpointId, contextId, null);
key.IgnoreKeyGeneration = true;
lock (this._syncRoot)
{
foreach (SessionSecurityTokenCacheKey itemKey in this._items.Keys)
{
if (itemKey.Equals(key))
{
entriesToDelete.Add(itemKey, this._items[itemKey]);
}
}
foreach (SessionSecurityTokenCacheKey itemKey in entriesToDelete.Keys)
{
this._items.Remove(itemKey);
CacheEntry entry = entriesToDelete[itemKey];
this._mruList.Remove(entry.Node);
if (object.ReferenceEquals(this.mruEntry.Node, entry.Node))
{
this.mruEntry.Value = null;
this.mruEntry.Node = null;
}
}
}
}
public override void AddOrUpdate(SessionSecurityTokenCacheKey key, SessionSecurityToken value, DateTime expiryTime)
{
string tokenId = null;
ApiHelperAsync helper = new ApiHelperAsync(_httpClient);
var claimsIdentity = Thread.CurrentPrincipal.Identity as ClaimsIdentity;
if (claimsIdentity != null && claimsIdentity.BootstrapContext != null)
{
var bootstrap = claimsIdentity.BootstrapContext as BootstrapContext;
if (bootstrap != null && bootstrap.SecurityToken != null)
{
tokenId = bootstrap.SecurityToken.Id;
}
}
if (tokenId == null || value == null)
{
return;
}
var res = helper.AddOrUpdate(new SessionCacheEntry()
{
EndpointId = key.EndpointId,
ContextId = GetContextIdString(key),
KeyGeneration = GetKeyGenerationString(key),
ExpiryTime = expiryTime,
SessionSecurityTokenValue = value,
UserName = Thread.CurrentPrincipal.Identity.Name,
SessionSecurityTokenID = tokenId
});
if (res)
{
_internalCache.AddOrUpdate(key, value, expiryTime);
}
}
private DbCommand CreateInsertCommand(DbConnection connection, SessionSecurityTokenCacheKey key,
SessionSecurityToken value, DateTime expiryTime)
{
DbCommand command = connection.CreateCommand();
DbParameter keyParameter = command.CreateParameter();
keyParameter.DbType = DbType.StringFixedLength;
keyParameter.ParameterName = "@pKey";
keyParameter.Value = GenerateCompositeCacheKey(key);
DbParameter valueParameter = command.CreateParameter();
valueParameter.DbType = DbType.StringFixedLength;
valueParameter.ParameterName = "@pValue";
valueParameter.Value = Serialize(expiryTime, value);
DbParameter addedParameter = command.CreateParameter();
addedParameter.DbType = DbType.DateTime;
addedParameter.ParameterName = "@pAdded";
addedParameter.Value = DateTime.Now;
command.CommandText = string.Format(
"INSERT INTO {0} ([Id], [SecurityTokenSerialized], [TimeStamp]) VALUES (@pKey, @pValue, @pAdded)",
CookieTableName);
command.Parameters.AddRange(new[] { keyParameter, valueParameter, addedParameter });
Log.DebugFormat("Created command: {0}", command.CommandText);
Log.DebugFormat("Parameters: Id:'{0}' Timestamp:'{1}' SecurityTokenSerialized:'{2}'", keyParameter.Value,
valueParameter.Value, addedParameter.Value);
return(command);
}
//public override bool TryAddEntry(object key, SecurityToken value)
public override void AddOrUpdate(SessionSecurityTokenCacheKey key, SessionSecurityToken value, DateTime expiryTime)
{
Log.DebugFormat("Key: {0} Value: {1} Expiry: {2}", key, value.Id, expiryTime);
Log.DebugFormat("Adding or updating in memory cache");
m_MemoryCache.AddOrUpdate(key, value, expiryTime);
Log.DebugFormat("Adding or updating in persistent store");
m_SessionSecurityTokenStore.UpdateTokenInStore(key, value, expiryTime);
}
public override void UpdateTokenInStore(SessionSecurityTokenCacheKey key, SessionSecurityToken value, DateTime expiryTime)
{
if (m_Lookup.ContainsKey(key))
{
m_Lookup.Remove(key);
}
m_Lookup.Add(key, new Tuple <DateTime, SessionSecurityToken>(expiryTime, value));
}
public override void Remove(SessionSecurityTokenCacheKey key)
{
if (key == null)
{
throw new ArgumentNullException("key");
}
inner.Remove(key);
tokenCacheRepository.Remove(key.ToString());
}
public override void Remove(SessionSecurityTokenCacheKey key)
{
_internalCache.Remove(key);
cache.Remove(new bUtility.TokenCache.Types.SessionSecurity.SessionCacheKey
{
EndpointId = key.EndpointId,
ContextId = key?.ContextId?.ToString(),
KeyGeneration = GetKeyGenerationString(key)
});
}
public override void RemoveTokenFromStore(SessionSecurityTokenCacheKey cacheKey)
{
using (DbConnection connection = CreateOpenConnection())
{
using (DbCommand deleteCommand = CreateDeleteCommand(connection, cacheKey))
{
Log.DebugFormat("Executing {0}", deleteCommand.CommandText);
deleteCommand.ExecuteNonQuery();
}
}
}
public override void Remove(SessionSecurityTokenCacheKey key)
{
_internalCache.Remove(key);
ApiHelperAsync helper = new ApiHelperAsync(_httpClient);
helper.Remove(new SessionCacheKey()
{
EndpointId = key.EndpointId,
ContextId = GetContextIdString(key),
KeyGeneration = GetKeyGenerationString(key)
});
}
private DbCommand CreateDeleteCommand(DbConnection connection, SessionSecurityTokenCacheKey key)
{
DbCommand command = connection.CreateCommand();
DbParameter keyParameter = command.CreateParameter();
keyParameter.DbType = DbType.StringFixedLength;
keyParameter.ParameterName = "@pKey";
keyParameter.Value = GenerateCompositeCacheKey(key);
command.CommandText = string.Format("DELETE FROM {0} WHERE [Id] = @pKey", CookieTableName);
command.Parameters.AddRange(new[] { keyParameter });
Log.DebugFormat("Created command: {0}", command.CommandText);
Log.DebugFormat("Parameters: Id:'{0}'", keyParameter.Value);
return(command);
}
public override void Remove(SessionSecurityTokenCacheKey key)
{
// Completely removing from the memory cache is difficult, since either we have to forego memory caching or distribute the memory
// cache (remove it on all nodes).
// Since this cache is only intended for web scenarios, we assume that the client will purge the key, making the clearing
// of the memory cache less essential.
Log.DebugFormat("Removing token key {0} from local machine cache (it will still exist on any other nodes)", key);
m_MemoryCache.Remove(key);
Log.DebugFormat("Removing token key {0} from persistent store", key);
var cacheKey = key;
m_SessionSecurityTokenStore.RemoveTokenFromStore(cacheKey);
}
/// <summary>
/// This method must not be called from within a read or writer lock as a deadlock will occur.
/// Checks the time a decides if a cleanup needs to occur.
/// </summary>
private void Purge()
{
if (this._items.Count >= this._maximumSize)
{
// If the cache is full, purge enough LRU items to shrink the
// cache down to the low watermark
int countToPurge = this._maximumSize - this._sizeAfterPurge;
for (int i = 0; i < countToPurge; i++)
{
SessionSecurityTokenCacheKey keyRemove = this._mruList.Last.Value;
this._mruList.RemoveLast();
this._items.Remove(keyRemove);
}
}
}
public void AddContext(SecurityContextSecurityToken token)
{
//
// WCF will cache the token first before calling the WrappedSessionSecurityTokenHandler.OnTokenIssued.
// We need to map the claims here so we will be caching the correct token with Geneva Claims substitued
// in place of the WCF claims.
//
_claimsHandler.SetPrincipalBootstrapTokensAndBindIdfxAuthPolicy(token);
SessionSecurityTokenCacheKey key = new SessionSecurityTokenCacheKey(_claimsHandler.EndpointId, token.ContextId, token.KeyGeneration);
SessionSecurityToken sessionToken = SecurityContextSecurityTokenHelper.ConvertSctToSessionToken(token, SecureConversationVersion.Default);
DateTime expiryTime = DateTimeUtil.Add(sessionToken.ValidTo, _claimsHandler.SecurityTokenHandlerCollection.Configuration.MaxClockSkew);
_tokenCache.AddOrUpdate(key, sessionToken, expiryTime);
}
public override IEnumerable <SessionSecurityToken> GetAll(string endpointId, UniqueId contextId)
{
#warning perhaps implement this for in memory
var data = cache.GetAll(new bUtility.TokenCache.Types.SessionSecurity.Context
{
EndpointId = endpointId,
ContextId = contextId?.ToString()
});
foreach (var token in data)
{
SessionSecurityTokenCacheKey key = new SessionSecurityTokenCacheKey(endpointId, contextId, null);
key.IgnoreKeyGeneration = true;
_internalCache.AddOrUpdate(key, token, token.KeyExpirationTime);
}
return(data);
}
public SecurityContextSecurityToken GetContext(System.Xml.UniqueId contextId, System.Xml.UniqueId generation)
{
SessionSecurityToken token = null;
SessionSecurityTokenCacheKey key = new SessionSecurityTokenCacheKey(_claimsHandler.EndpointId, contextId, generation);
token = _tokenCache.Get(key);
SecurityContextSecurityToken sctToken = null;
if (token != null && token.IsSecurityContextSecurityTokenWrapper)
{
sctToken = SecurityContextSecurityTokenHelper.ConvertSessionTokenToSecurityContextSecurityToken(token);
}
return(sctToken);
}
public override void AddOrUpdate(SessionSecurityTokenCacheKey key, SessionSecurityToken value, DateTime expiryTime)
{
if (key == null)
{
throw new ArgumentNullException("key");
}
inner.AddOrUpdate(key, value, expiryTime);
var item = new TokenCacheItem
{
Key = key.ToString(),
Expires = expiryTime,
Token = TokenToBytes(value),
};
tokenCacheRepository.AddOrUpdate(item);
}
public override Tuple <DateTime, SessionSecurityToken> ReadTokenFromStore(SessionSecurityTokenCacheKey key)
{
using (DbConnection connection = CreateOpenConnection())
{
using (DbCommand selectCommand = CreateSelectCommand(connection, key))
{
Log.DebugFormat("Executing {0}", selectCommand.CommandText);
var securityTokenSerialized = (string)selectCommand.ExecuteScalar();
if (securityTokenSerialized == null)
{
return(null);
}
Tuple <DateTime, SessionSecurityToken> tokenWithExpiry = Deserialize(securityTokenSerialized);
return(tokenWithExpiry);
}
}
}
public void UpdateContextCachingTime(SecurityContextSecurityToken token, DateTime expirationTime)
{
if (token.ValidTo <= expirationTime.ToUniversalTime())
{
return;
}
SessionSecurityTokenCacheKey key = new SessionSecurityTokenCacheKey(_claimsHandler.EndpointId, token.ContextId, token.KeyGeneration);
SessionSecurityToken sessionToken = SecurityContextSecurityTokenHelper.ConvertSctToSessionToken(token, SecureConversationVersion.Default);
DateTime expiryTime = DateTimeUtil.Add(sessionToken.ValidTo, _claimsHandler.SecurityTokenHandlerCollection.Configuration.MaxClockSkew);
if (_tokenCache.Get(key) == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperInvalidOperation(SR.GetString(SR.ID4285, sessionToken.ContextId.ToString()));
}
_tokenCache.AddOrUpdate(key, sessionToken, expiryTime);
}
public override IEnumerable <SessionSecurityToken> GetAll(string endpointId, UniqueId contextId)
{
#warning perhaps implement this for in memory
ApiHelperAsync helper = new ApiHelperAsync(_httpClient);
var res = helper.GetAll(new Context()
{
EndpointId = endpointId,
ContextId = GetContextIdString(contextId)
});
foreach (var token in res)
{
SessionSecurityTokenCacheKey key = new SessionSecurityTokenCacheKey(endpointId, contextId, null);
key.IgnoreKeyGeneration = true;
_internalCache.AddOrUpdate(key, token, token.KeyExpirationTime);
}
return(res);
}
/// <summary>
/// Attempts to add an entry to the cache or update an existing one.
/// </summary>
/// <param name="key">The key for the entry to be added.</param>
/// <param name="value">The security token to be added to the cache.</param>
/// <param name="expirationTime">The expiration time for this entry.</param>
public override void AddOrUpdate(SessionSecurityTokenCacheKey key, SessionSecurityToken value, DateTime expirationTime)
{
if (key == null)
{
throw new ArgumentNullException("key");
}
lock (this._syncRoot)
{
this.Purge();
this.Remove(key);
// Add the new entry to the cache and make it the MRU element
CacheEntry entry = new CacheEntry();
entry.Node = this._mruList.AddFirst(key);
entry.Value = value;
this._items.Add(key, entry);
this.mruEntry = entry;
}
}
public override SessionSecurityToken Get(SessionSecurityTokenCacheKey key)
{
var resLocal = _internalCache.Get(key);
if (resLocal == null)
{
var token = cache.Get(new bUtility.TokenCache.Types.SessionSecurity.SessionCacheKey
{
EndpointId = key.EndpointId,
ContextId = key?.ContextId?.ToString(),
KeyGeneration = GetKeyGenerationString(key)
});
if (token != null)
{
resLocal = token;
_internalCache.AddOrUpdate(key, token, token.KeyExpirationTime);
}
}
return(resLocal);
}
/// <summary>
/// Deletes the specified cache entry from the MruCache.
/// </summary>
/// <param name="key">Specifies the key for the entry to be deleted.</param>
/// <exception cref="ArgumentNullException">The <paramref name="key"/> is null.</exception>
public override void Remove(SessionSecurityTokenCacheKey key)
{
if (key == null)
{
return;
}
lock (this._syncRoot)
{
CacheEntry entry;
if (this._items.TryGetValue(key, out entry))
{
this._items.Remove(key);
this._mruList.Remove(entry.Node);
if (object.ReferenceEquals(this.mruEntry.Node, entry.Node))
{
this.mruEntry.Value = null;
this.mruEntry.Node = null;
}
}
}
}
public override void UpdateTokenInStore(SessionSecurityTokenCacheKey key, SessionSecurityToken value, DateTime expiryTime)
{
using (DbConnection sqlConnection = CreateOpenConnection())
{
using (DbTransaction transaction = sqlConnection.BeginTransaction())
{
using (DbCommand deleteCommand = CreateDeleteCommand(sqlConnection, key))
{
deleteCommand.Transaction = transaction;
using (DbCommand insertCommand = CreateInsertCommand(sqlConnection, key, value, expiryTime))
{
insertCommand.Transaction = transaction;
Log.DebugFormat("Executing {0}", deleteCommand.CommandText);
deleteCommand.ExecuteNonQuery();
Log.DebugFormat("Executing {0}", insertCommand.CommandText);
insertCommand.ExecuteNonQuery();
}
}
transaction.Commit();
}
}
}
public override SessionSecurityToken Get(SessionSecurityTokenCacheKey key)
{
var resLocal = _internalCache.Get(key);
if (resLocal == null)
{
ApiHelperAsync helper = new ApiHelperAsync(_httpClient);
var token = helper.Get(new SessionCacheKey()
{
EndpointId = key.EndpointId,
ContextId = GetContextIdString(key),
KeyGeneration = GetKeyGenerationString(key)
});
if (token != null)
{
resLocal = token;
_internalCache.AddOrUpdate(key, token, token.KeyExpirationTime);
}
}
return(resLocal);
}
/// <summary>
/// Returns all the entries that match the given key.
/// </summary>
/// <param name="endpointId">The endpoint id for the entries to be retrieved.</param>
/// <param name="contextId">The context id for the entries to be retrieved.</param>
/// <returns>A collection of all the matching entries, an empty collection of no match found.</returns>
public override IEnumerable <SessionSecurityToken> GetAll(string endpointId, System.Xml.UniqueId contextId)
{
Collection <SessionSecurityToken> tokens = new Collection <SessionSecurityToken>();
if (null == contextId || string.IsNullOrEmpty(endpointId))
{
return(tokens);
}
CacheEntry entry;
SessionSecurityTokenCacheKey key = new SessionSecurityTokenCacheKey(endpointId, contextId, null);
key.IgnoreKeyGeneration = true;
lock (this._syncRoot)
{
foreach (SessionSecurityTokenCacheKey itemKey in this._items.Keys)
{
if (itemKey.Equals(key))
{
entry = this._items[itemKey];
// Move the node to the head of the MRU list if it's not already there
if (this._mruList.Count > 1 && !object.ReferenceEquals(this._mruList.First, entry.Node))
{
this._mruList.Remove(entry.Node);
this._mruList.AddFirst(entry.Node);
this.mruEntry = entry;
}
tokens.Add(entry.Value);
}
}
}
return(tokens);
}
/// <summary>
/// Returns the Session Security Token corresponding to the specified key exists in the cache. Also if it exists, marks it as MRU.
/// </summary>
/// <param name="key">Specifies the key for the entry to be retrieved.</param>
/// <returns>Returns the Session Security Token from the cache if found, otherwise, null.</returns>
public override SessionSecurityToken Get(SessionSecurityTokenCacheKey key)
{
if (key == null)
{
return(null);
}
// If found, make the entry most recently used
SessionSecurityToken sessionToken = null;
CacheEntry entry;
bool found;
lock (this._syncRoot)
{
// first check our MRU item
if (this.mruEntry.Node != null && key != null && key.Equals(this.mruEntry.Node.Value))
{
return(this.mruEntry.Value);
}
found = this._items.TryGetValue(key, out entry);
if (found)
{
sessionToken = entry.Value;
// Move the node to the head of the MRU list if it's not already there
if (this._mruList.Count > 1 && !object.ReferenceEquals(this._mruList.First, entry.Node))
{
this._mruList.Remove(entry.Node);
this._mruList.AddFirst(entry.Node);
this.mruEntry = entry;
}
}
}
return(sessionToken);
}
private static string GetContextIdString(SessionSecurityTokenCacheKey key)
{
return(GetContextIdString(key.ContextId));
}
private static string GetKeyGenerationString(SessionSecurityTokenCacheKey key)
{
return(key.KeyGeneration == null ? null : key.KeyGeneration.ToString());
}
