/// <summary>
/// Builds the log scope properties for an up-party session: everything the
/// <c>SessionBaseCookie</c> overload returns, plus the external session ID.
/// </summary>
/// <param name="session">The up-party session cookie; must not be null, since its
/// <c>ExternalSessionId</c> is read unconditionally.</param>
/// <returns>The dictionary returned by the base overload, with an
/// <c>"externalSessionId"</c> entry added.</returns>
/// <remarks>
/// The returned dictionary carries a session identifier into log output wherever it is passed
/// to the logger. NOTE(review): confirm the log sinks receiving these scope properties are
/// access-controlled to the same degree as other session data.
/// </remarks>
protected IDictionary<string, string> GetSessionScopeProperties(SessionUpPartyCookie session)
{
    // Go through the base-typed reference so overload resolution picks the
    // SessionBaseCookie variant instead of recursing into this method.
    var baseSession = session as SessionBaseCookie;
    var properties = GetSessionScopeProperties(baseSession);

    properties.Add("externalSessionId", session.ExternalSessionId);
    return properties;
}
/// <summary>
/// Deletes the up-party session cookie, if there is a session to delete.
/// </summary>
/// <param name="session">An already loaded session. When null, the session is read from
/// <c>sessionCookieRepository</c>.</param>
/// <returns>The session that was deleted, or null when no session exists.</returns>
/// <remarks>
/// <c>sessionCookieRepository.DeleteAsync()</c> takes no argument, so the supplied
/// <paramref name="session"/> only decides whether a delete is attempted and what is logged
/// and returned. The repository itself determines which cookie is removed.
/// </remarks>
public async Task<SessionUpPartyCookie> DeleteSessionAsync(SessionUpPartyCookie session = null)
{
    logger.ScopeTrace($"Delete session up-party, Route '{RouteBinding.Route}'.");

    // Only hit the repository when the caller did not hand over a session.
    var current = session ?? await sessionCookieRepository.GetAsync();

    if (current == null)
    {
        logger.ScopeTrace("Session up-party do not exists.");
        return null;
    }

    await sessionCookieRepository.DeleteAsync();
    logger.ScopeTrace($"Session deleted up-party, Session id '{current.SessionId}'.");
    return current;
}
/// <summary>
/// Creates the up-party session cookie, or updates the existing one, after a login.
/// </summary>
/// <typeparam name="T">The up-party type.</typeparam>
/// <param name="upParty">The up-party, used to decide whether sessions are enabled and whether
/// an existing session is still valid.</param>
/// <param name="newDownPartyLink">The down-party link to register on the session.</param>
/// <param name="claims">The claims from the login; they are filtered before being stored.</param>
/// <param name="externalSessionId">The session ID reported by the external identity provider.</param>
/// <param name="idToken">Optional ID token to store on the session.</param>
/// <returns>The session ID of the created or updated session, or null when sessions are not
/// enabled for the up-party.</returns>
/// <exception cref="NotImplementedException">A valid session exists whose user ID differs from
/// the subject claim of the supplied claims.</exception>
/// <remarks>
/// Security-relevant behaviour visible in this method:
/// <list type="bullet">
/// <item>A new session ID is issued whenever the session is created or the external session ID
/// has changed; an unchanged external session keeps its session ID and stored claims.</item>
/// <item>A user mismatch fails closed by throwing, but the existing cookie is neither deleted
/// nor modified on that path (see the TODO in the body).</item>
/// <item>The ID token and the claims are written into the session cookie. NOTE(review): their
/// confidentiality and integrity depend on how <c>sessionCookieRepository</c> protects the
/// cookie, which is not visible here.</item>
/// <item>User ID, session ID and external session ID are written to trace logs.</item>
/// </list>
/// </remarks>
public async Task<string> CreateOrUpdateSessionAsync<T>(T upParty, DownPartySessionLink newDownPartyLink, List<Claim> claims, string externalSessionId, string idToken = null) where T : UpParty
{
    logger.ScopeTrace($"Create or update session up-party, Route '{RouteBinding.Route}'.");

    var filteredClaims = FilterClaims(claims);

    // Re-initialises a session cookie: new session ID claim, the filtered claims,
    // the external session ID, the ID token and the down-party link.
    void ApplyLogin(SessionUpPartyCookie target)
    {
        filteredClaims.AddClaim(JwtClaimTypes.SessionId, NewSessionId());
        target.Claims = filteredClaims.ToClaimAndValues();
        target.ExternalSessionId = externalSessionId;
        target.IdToken = idToken;
        AddDownPartyLink(target, newDownPartyLink);
    }

    var isEnabled = SessionEnabled(upParty);
    var existing = await sessionCookieRepository.GetAsync();

    if (existing != null)
    {
        var isValid = SessionValid(upParty, existing);
        logger.ScopeTrace($"User id '{existing.UserId}' session up-party exists, Enabled '{isEnabled}', Valid '{isValid}', Session id '{existing.SessionId}', Route '{RouteBinding.Route}'.");

        if (isEnabled && isValid)
        {
            var requestedUserId = filteredClaims.FindFirstValue(c => c.Type == JwtClaimTypes.Subject);
            var sessionHasUser = !existing.UserId.IsNullOrEmpty();
            if (sessionHasUser && existing.UserId != requestedUserId)
            {
                logger.ScopeTrace("Authenticated user and requested user do not match.");
                // TODO invalid user login
                // The session is left untouched here; the mismatch is only signalled by the exception.
                throw new NotImplementedException("Authenticated user and requested user do not match.");
            }

            if (existing.ExternalSessionId == externalSessionId)
            {
                // Same upstream session: keep the session ID and claims, only record the link.
                AddDownPartyLink(existing, newDownPartyLink);
            }
            else
            {
                // Thrown and caught on purpose so the warning is logged with a stack trace.
                try
                {
                    throw new Exception("External session ID has changed, causing an session update including new session ID.");
                }
                catch (Exception ex)
                {
                    logger.Warning(ex);
                }

                // The upstream session changed: replace the session contents and rotate the session ID.
                ApplyLogin(existing);
            }

            existing.LastUpdated = DateTimeOffset.UtcNow.ToUnixTimeSeconds();
            await sessionCookieRepository.SaveAsync(existing, null);
            logger.ScopeTrace($"Session updated up-party, Session id '{existing.SessionId}'.", GetSessionScopeProperties(existing));

            return existing.SessionId;
        }

        if (!isEnabled)
        {
            // Sessions have been switched off for this up-party; drop the stale cookie.
            await sessionCookieRepository.DeleteAsync();
            logger.ScopeTrace($"Session deleted, Session id '{existing.SessionId}'.");
        }
    }

    if (!isEnabled)
    {
        return null;
    }

    // Reached when no session exists, or when the existing one is no longer valid;
    // in the latter case the save below replaces it.
    logger.ScopeTrace($"Create session up-party, External Session id '{externalSessionId}', Route '{RouteBinding.Route}'.");

    var created = new SessionUpPartyCookie();
    ApplyLogin(created);
    created.LastUpdated = created.CreateTime;
    await sessionCookieRepository.SaveAsync(created, null);
    logger.ScopeTrace($"Session up-party created, User id '{created.UserId}', Session id '{created.SessionId}', External Session id '{externalSessionId}'.", GetSessionScopeProperties(created));

    return created.SessionId;
}