Java Code Examples for org.osgl.http.H#Session

The following examples show how to use org.osgl.http.H#Session . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: TimeZoneResolver.java    From actframework with Apache License 2.0 5 votes vote down vote up
@PostAction("i18n/timezone")
@Description("Set timezone into session. The value should be offset to UTC in minutes")
public static void updateTimezoneOffset(
        @Description("the timezone offset to UTC in minutes") int offset,
        H.Session session
) {
    session.put(SESSION_KEY, offset);
}
 
Example 2
Source File: WebSocketConnectionManager.java    From actframework with Apache License 2.0 5 votes vote down vote up
/**
 * Add tag to any websocket connection linked to the session specified
 * @param session the session used to find websocket connections
 * @param tag the tag to subscribe
 */
public void subscribe(H.Session session, final String tag) {
    sessionRegistry().accept(session.id(), new $.Visitor<WebSocketConnection>() {
        @Override
        public void visit(WebSocketConnection connection) throws $.Break {
            byTag.register(tag, connection);
        }
    });
}
 
Example 3
Source File: DefaultSessionCodec.java    From actframework with Apache License 2.0 5 votes vote down vote up
static H.Session processExpiration(H.Session session, long now, boolean newSession, boolean sessionWillExpire, int ttlInMillis, String pingPath, H.Request request) {
    if (!sessionWillExpire) return session;
    long expiration = now + ttlInMillis;
    if (newSession) {
        // no previous cookie to restore; but we need to set the timestamp in the new cookie
        // note we use `load` API instead of `put` because we don't want to set the dirty flag
        // in this case
        session.load(KEY_EXPIRATION, String.valueOf(expiration));
    } else {
        String s = session.get(KEY_EXPIRATION);
        long oldTimestamp = null == s ? -1 : Long.parseLong(s);
        long newTimestamp = expiration;
        // Verify that the session contains a timestamp, and that it's not expired
        if (oldTimestamp < 0) {
            // invalid session, reset it
            session = new H.Session();
        } else {
            if (oldTimestamp < now) {
                // Session expired
                session = new H.Session();
                session.put(KEY_EXPIRE_INDICATOR, true);
            } else {
                session.remove(KEY_EXPIRE_INDICATOR);
                boolean skipUpdateExpiration = S.eq(pingPath, request.url());
                if (skipUpdateExpiration) {
                    newTimestamp = oldTimestamp;
                }
            }
        }
        session.put(KEY_EXPIRATION, newTimestamp);
    }
    return session;
}
 
Example 4
Source File: CSRFProtector.java    From actframework with Apache License 2.0 5 votes vote down vote up
@Override
public boolean verifyToken(String token, H.Session session, App app) {
    String tokenInSession = session.get(app.config().csrfCookieName());
    if (S.eq(token, tokenInSession)) {
        return true;
    }
    AppCrypto crypto = Act.crypto();
    return S.eq(crypto.decrypt(token), crypto.decrypt(tokenInSession));
}
 
Example 5
Source File: ActionContext.java    From actframework with Apache License 2.0 5 votes vote down vote up
/**
     * Dissolve session and flash into cookies.
     * <p><b>Note</b> this method must be called
     * before any content has been committed to
     * response output stream/writer</p>
     */
    public void dissolve() {
        if (state == State.SESSION_DISSOLVED) {
            return;
        }
        if (handler.sessionFree() || sessionPassThrough) {
            return;
        }
        if (null == session) {
            // only case is when CSRF token check failed
            // while resolving session
            // we need to generate new session anyway
            // because it is required to cache the
            // original URL
            // see RedirectToLoginUrl
            session = new H.Session();
        }
        localeResolver.dissolve();
        app().eventBus().emit(new SessionWillDissolveEvent(this));
        try {
            setCsrfCookieAndRenderArgs();
            sessionManager().dissolveState(session(), flash(), resp());
//            dissolveFlash();
//            dissolveSession();
            state = State.SESSION_DISSOLVED;
        } finally {
            app().eventBus().emit(new SessionDissolvedEvent(this));
        }
    }
 
Example 6
Source File: LocaleResolver.java    From actframework with Apache License 2.0 5 votes vote down vote up
private Locale resolveFromSessionOrCookie() {
    Locale locale = null;
    H.Session session = context.session();
    if (null != session) {
        locale = parseStr(session.get(KEY));
    }
    if (null == locale) {
        H.Cookie cookie = context.cookie(config.localeCookieName());
        locale = null == cookie ? null : parseStr(cookie.value());
    }
    return locale;
}
 
Example 7
Source File: GH506.java    From actframework with Apache License 2.0 4 votes vote down vote up
@Before
public void setup(H.Session session) {
    if (!session.contains("n")) {
        session.put("n", 100);
    }
}
 
Example 8
Source File: UsernameSecureTicketCodecTest.java    From actframework with Apache License 2.0 4 votes vote down vote up
@Override
public void verifySession(H.Session original, H.Session decoded) {
    eq(original.get(sessionKeyUsername), decoded.get(sessionKeyUsername));
}
 
Example 9
Source File: SessionManager.java    From actframework with Apache License 2.0 4 votes vote down vote up
public String generateSessionToken(H.Session session, int ttlInSeconds) {
    return codec.encodeSession(session, ttlInSeconds);
}
 
Example 10
Source File: CSRFProtector.java    From actframework with Apache License 2.0 4 votes vote down vote up
@Override
public void clearExistingToken(H.Session session, String cookieName) {}
 
Example 11
Source File: HttpCurrentStateStore.java    From actframework with Apache License 2.0 4 votes vote down vote up
@Override
public H.Session session() {
    ActionContext ctx = ActionContext.current();
    return null == ctx ? null : ctx.session();
}
 
Example 12
Source File: CSRFProtector.java    From actframework with Apache License 2.0 4 votes vote down vote up
@Override
public void clearExistingToken(H.Session session, String cookieName) {
    session.remove(cookieName);
}
 
Example 13
Source File: ActionContext.java    From actframework with Apache License 2.0 4 votes vote down vote up
public PreFireSessionResolvedEvent(H.Session session, ActionContext context) {
    super(session, context);
}
 
Example 14
Source File: UsernameSecureTicketCodecTest.java    From actframework with Apache License 2.0 4 votes vote down vote up
@Override
protected void prepareSession(H.Session session) {
    session.put(sessionKeyUsername, "[email protected]");
}
 
Example 15
Source File: ActionContext.java    From actframework with Apache License 2.0 3 votes vote down vote up
/**
 * Return cached object by key. The key will be concatenated with
 * current session id when fetching the cached object
 *
 * @param key
 * @param <T>
 *         the object type
 * @return the cached object
 */
public <T> T cached(String key) {
    H.Session sess = session();
    if (null != sess) {
        return sess.cached(key);
    } else {
        return app().cache().get(key);
    }
}
 
Example 16
Source File: SessionCodec.java    From actframework with Apache License 2.0 2 votes vote down vote up
/**
 * Encode a session into a string using specified expiry in seconds
 * @param session the session to be encoded.
 * @param ttlInSeconds time to live in seconds
 * @return the encoded session
 */
String encodeSession(H.Session session, int ttlInSeconds);
 
Example 17
Source File: ShortLifeTokenGenerator.java    From actframework with Apache License 2.0 2 votes vote down vote up
/**
 * Generate a short life session token.
 *
 * Refer: https://github.com/actframework/actframework/issues/1293
 *
 * @param ttlInSeconds token ttl in seconds, default value: 60
 * @param session injected session object of current request context
 * @return the session token with specified expiry time.
 */
@GetAction("~session-token~")
public String getToken(@DefaultValue("60") int ttlInSeconds, H.Session session) {
    return sm.generateSessionToken(session, ttlInSeconds);
}
 
Example 18
Source File: SecureTicketCodec.java    From actframework with Apache License 2.0 2 votes vote down vote up
/**
 * Generate a secure ticket from a session data
 * @param session the session data
 * @return a secure ticket
 */
T createTicket(H.Session session);
 
Example 19
Source File: CSRFProtector.java    From actframework with Apache License 2.0 votes vote down vote up
String generateToken(H.Session session, App app); 
Example 20
Source File: CSRFProtector.java    From actframework with Apache License 2.0 votes vote down vote up
boolean verifyToken(String token, H.Session session, App app);