Jelajahi Sumber

idle timeout calculator getProfile() NPE exception fix and refactor

Jason Rivard 3 tahun lalu
induk
melakukan
6d857160ca

+ 144 - 40
server/src/main/java/password/pwm/http/IdleTimeoutCalculator.java

@@ -31,6 +31,7 @@ import password.pwm.config.PwmSetting;
 import password.pwm.config.profile.HelpdeskProfile;
 import password.pwm.config.profile.PeopleSearchProfile;
 import password.pwm.config.profile.ProfileDefinition;
+import password.pwm.error.PwmError;
 import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.http.servlet.PwmServletDefinition;
 import password.pwm.ldap.UserInfo;
@@ -39,6 +40,7 @@ import password.pwm.util.java.TimeDuration;
 import password.pwm.util.logging.PwmLogger;
 
 import java.util.Collections;
+import java.util.List;
 import java.util.Optional;
 import java.util.Set;
 import java.util.SortedSet;
@@ -86,7 +88,6 @@ public class IdleTimeoutCalculator
                     }
                 }
             }
-
         }
         else
         {
@@ -141,7 +142,6 @@ public class IdleTimeoutCalculator
                             MaxIdleTimeoutResult.reasonFor( PwmSetting.PEOPLE_SEARCH_IDLE_TIMEOUT_SECONDS, peopleSearchID ),
                             TimeDuration.of( peopleSearchIdleTimeout, TimeDuration.Unit.SECONDS ) ) );
                 }
-
             }
         }
 
@@ -186,74 +186,178 @@ public class IdleTimeoutCalculator
             return figureMaxSessionTimeout( pwmDomain, pwmSession ).getIdleTimeout();
         }
 
-        final DomainConfig config = pwmDomain.getConfig();
-        if ( pwmURL.matches( PwmServletDefinition.Helpdesk ) )
+        for ( final IdleTimeoutCalculatorModule module : SERVLET_IDLE_CALCULATORS )
         {
-            if ( config.readSettingAsBoolean( PwmSetting.HELPDESK_ENABLE ) )
+            for ( final PwmServletDefinition pwmServletDefinition : module.forServlets() )
             {
-                final HelpdeskProfile helpdeskProfile = pwmRequest.getHelpdeskProfile( );
-                if ( helpdeskProfile != null )
+                if ( pwmURL.matches( pwmServletDefinition ) )
                 {
-                    final long helpdeskIdleTimeout = helpdeskProfile.readSettingAsLong( PwmSetting.HELPDESK_IDLE_TIMEOUT_SECONDS );
-                    if ( helpdeskIdleTimeout > 0 )
+                    final Optional<TimeDuration> calculatedDuration = module.calculate( pwmRequest );
+                    if ( calculatedDuration.isPresent() )
                     {
-                        return TimeDuration.of( helpdeskIdleTimeout, TimeDuration.Unit.SECONDS );
+                        return calculatedDuration.get();
                     }
                 }
             }
         }
 
-        if (
-                (
-                        pwmURL.matches( PwmServletDefinition.PrivatePeopleSearch )
-                                || pwmURL.matches( PwmServletDefinition.PublicPeopleSearch )
-                )
-                        && pwmURL.isPrivateUrl()
-                )
+        final long idleTimeout = pwmRequest.getDomainConfig().readSettingAsLong( PwmSetting.IDLE_TIMEOUT_SECONDS );
+        return TimeDuration.of( idleTimeout, TimeDuration.Unit.SECONDS );
+    }
+
+    private static final List<IdleTimeoutCalculatorModule> SERVLET_IDLE_CALCULATORS = List.of(
+            new ConfigGuideIdleCalculator(),
+            new ConfigEditorIdleCalculator(),
+            new HelpdeskIdleCalculator(),
+            new PublicPeopleSearchIdleCalculator(),
+            new PrivatePeopleSearchIdleCalculator() );
+
+
+    interface IdleTimeoutCalculatorModule
+    {
+        List<PwmServletDefinition> forServlets();
+
+        Optional<TimeDuration> calculate( PwmRequest pwmRequest ) throws PwmUnrecoverableException;
+    }
+
+    static class ConfigGuideIdleCalculator implements IdleTimeoutCalculatorModule
+    {
+        @Override
+        public List<PwmServletDefinition> forServlets()
+        {
+            return Collections.singletonList( PwmServletDefinition.ConfigGuide );
+        }
+
+        @Override
+        public Optional<TimeDuration> calculate( final PwmRequest pwmRequest ) throws PwmUnrecoverableException
         {
-            final PeopleSearchProfile peopleSearchProfile = pwmRequest.getPeopleSearchProfile( );
-            if ( peopleSearchProfile != null )
+            if ( pwmRequest.getPwmApplication().getApplicationMode() == PwmApplicationMode.NEW )
             {
-                final long peopleSearchIdleTimeout = peopleSearchProfile.readSettingAsLong( PwmSetting.PEOPLE_SEARCH_IDLE_TIMEOUT_SECONDS );
-                if ( peopleSearchIdleTimeout > 0 )
+                final long configGuideIdleTimeout = Long.parseLong( pwmRequest.getDomainConfig().readAppProperty( AppProperty.CONFIG_GUIDE_IDLE_TIMEOUT ) );
+                if ( configGuideIdleTimeout > 0 )
                 {
-                    return TimeDuration.of( peopleSearchIdleTimeout, TimeDuration.Unit.SECONDS );
+                    return Optional.of( TimeDuration.of( configGuideIdleTimeout, TimeDuration.Unit.SECONDS ) );
                 }
             }
+            return Optional.empty();
+        }
+    }
+
+    static class ConfigEditorIdleCalculator implements IdleTimeoutCalculatorModule
+    {
+        @Override
+        public List<PwmServletDefinition> forServlets()
+        {
+            return Collections.singletonList( PwmServletDefinition.ConfigEditor );
+        }
+
+        @Override
+        public Optional<TimeDuration> calculate( final PwmRequest pwmRequest ) throws PwmUnrecoverableException
+        {
+            final long configEditorIdleTimeout = Long.parseLong( pwmRequest.getDomainConfig().readAppProperty( AppProperty.CONFIG_EDITOR_IDLE_TIMEOUT ) );
+            if ( configEditorIdleTimeout > 0 )
+            {
+                return Optional.of( TimeDuration.of( configEditorIdleTimeout, TimeDuration.Unit.SECONDS ) );
+            }
+            return Optional.empty();
         }
+    }
 
-        if ( pwmURL.matches( PwmServletDefinition.ConfigEditor ) )
+    static class HelpdeskIdleCalculator implements IdleTimeoutCalculatorModule
+    {
+        @Override
+        public List<PwmServletDefinition> forServlets()
         {
-            try
+            return Collections.singletonList( PwmServletDefinition.Helpdesk );
+        }
+
+        @Override
+        public Optional<TimeDuration> calculate( final PwmRequest pwmRequest ) throws PwmUnrecoverableException
+        {
+            if ( !pwmRequest.isAuthenticated() )
+            {
+                return Optional.empty();
+            }
+
+            if ( !pwmRequest.getDomainConfig().readSettingAsBoolean( PwmSetting.HELPDESK_ENABLE ) )
+            {
+                return Optional.empty();
+            }
+
+            final HelpdeskProfile helpdeskProfile = pwmRequest.getHelpdeskProfile( );
+            if ( helpdeskProfile != null )
             {
-                if ( pwmSession.getSessionManager().checkPermission( pwmDomain, Permission.PWMADMIN ) )
+                final long helpdeskIdleTimeout = helpdeskProfile.readSettingAsLong( PwmSetting.HELPDESK_IDLE_TIMEOUT_SECONDS );
+                if ( helpdeskIdleTimeout > 0 )
                 {
-                    final long configEditorIdleTimeout = Long.parseLong( config.readAppProperty( AppProperty.CONFIG_EDITOR_IDLE_TIMEOUT ) );
-                    if ( configEditorIdleTimeout > 0 )
-                    {
-                        return TimeDuration.of( configEditorIdleTimeout, TimeDuration.Unit.SECONDS );
-                    }
+                    return Optional.of( TimeDuration.of( helpdeskIdleTimeout, TimeDuration.Unit.SECONDS ) );
                 }
             }
-            catch ( final PwmUnrecoverableException e )
+
+            return Optional.empty();
+        }
+    }
+
+    static class PublicPeopleSearchIdleCalculator implements IdleTimeoutCalculatorModule
+    {
+        @Override
+        public List<PwmServletDefinition> forServlets()
+        {
+            return Collections.singletonList( PwmServletDefinition.PublicPeopleSearch );
+        }
+
+        @Override
+        public Optional<TimeDuration> calculate( final PwmRequest pwmRequest ) throws PwmUnrecoverableException
+        {
+            if ( pwmRequest.getDomainConfig().readSettingAsBoolean( PwmSetting.PEOPLE_SEARCH_ENABLE_PUBLIC ) )
             {
-                LOGGER.error( pwmRequest, () -> "error while figuring max idle timeout for session: " + e.getMessage() );
+                final PeopleSearchProfile peopleSearchProfile = pwmRequest.getDomainConfig().getPublicPeopleSearchProfile().orElseThrow(
+                        () -> PwmUnrecoverableException.newException( PwmError.ERROR_NO_PROFILE_ASSIGNED, "public peoplesearch profile not assigned" ) );
+
+                final long peopleSearchIdleTimeout = peopleSearchProfile.readSettingAsLong( PwmSetting.PEOPLE_SEARCH_IDLE_TIMEOUT_SECONDS );
+                if ( peopleSearchIdleTimeout > 0 )
+                {
+                    return Optional.of( TimeDuration.of( peopleSearchIdleTimeout, TimeDuration.Unit.SECONDS ) );
+                }
             }
+
+            return Optional.empty();
         }
+    }
+
 
-        if ( pwmURL.matches( PwmServletDefinition.ConfigGuide ) )
+    static class PrivatePeopleSearchIdleCalculator implements IdleTimeoutCalculatorModule
+    {
+        @Override
+        public List<PwmServletDefinition> forServlets()
         {
-            if ( pwmDomain.getApplicationMode() == PwmApplicationMode.NEW )
+            return Collections.singletonList( PwmServletDefinition.PrivatePeopleSearch );
+        }
+
+        @Override
+        public Optional<TimeDuration> calculate( final PwmRequest pwmRequest ) throws PwmUnrecoverableException
+        {
+            if ( !pwmRequest.isAuthenticated() )
             {
-                final long configGuideIdleTimeout = Long.parseLong( config.readAppProperty( AppProperty.CONFIG_GUIDE_IDLE_TIMEOUT ) );
-                if ( configGuideIdleTimeout > 0 )
+                return Optional.empty();
+            }
+
+            if ( !pwmRequest.getDomainConfig().readSettingAsBoolean( PwmSetting.PEOPLE_SEARCH_ENABLE ) )
+            {
+                return Optional.empty();
+            }
+
+            final PeopleSearchProfile peopleSearchProfile = pwmRequest.getPeopleSearchProfile();
+            if ( peopleSearchProfile != null )
+            {
+                final long peopleSearchIdleTimeout = peopleSearchProfile.readSettingAsLong( PwmSetting.PEOPLE_SEARCH_IDLE_TIMEOUT_SECONDS );
+                if ( peopleSearchIdleTimeout > 0 )
                 {
-                    return TimeDuration.of( configGuideIdleTimeout, TimeDuration.Unit.SECONDS );
+                    return Optional.of( TimeDuration.of( peopleSearchIdleTimeout, TimeDuration.Unit.SECONDS ) );
                 }
             }
-        }
 
-        final long idleTimeout = config.readSettingAsLong( PwmSetting.IDLE_TIMEOUT_SECONDS );
-        return TimeDuration.of( idleTimeout, TimeDuration.Unit.SECONDS );
+            return Optional.empty();
+        }
     }
 }

+ 7 - 6
server/src/main/java/password/pwm/http/filter/CookieManagementFilter.java

@@ -25,6 +25,8 @@ import password.pwm.PwmApplication;
 import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.http.ContextManager;
 import password.pwm.http.HttpHeader;
+import password.pwm.http.PwmRequest;
+import password.pwm.http.PwmSession;
 import password.pwm.util.java.StringUtil;
 import password.pwm.util.logging.PwmLogger;
 
@@ -36,6 +38,7 @@ import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
 import java.io.IOException;
 import java.util.Collection;
 
@@ -73,7 +76,7 @@ public class CookieManagementFilter implements Filter
     {
         filterChain.doFilter( servletRequest, servletResponse );
         addSameSiteCookieAttribute( ( HttpServletResponse ) servletResponse, value );
-        markSessionForRecycle( ( HttpServletRequest ) servletRequest );
+        markSessionForRecycle( ( HttpServletRequest ) servletRequest, ( HttpServletResponse ) servletResponse  );
     }
 
     /**
@@ -82,9 +85,8 @@ public class CookieManagementFilter implements Filter
      *
      * @param httpServletRequest The request to be marked
      */
-    private void markSessionForRecycle( final HttpServletRequest httpServletRequest )
+    private void markSessionForRecycle( final HttpServletRequest httpServletRequest, final HttpServletResponse httpServletResponse )
     {
-        /*
         if ( StringUtil.isEmpty( value ) )
         {
             return;
@@ -96,7 +98,8 @@ public class CookieManagementFilter implements Filter
             PwmSession pwmSession = null;
             try
             {
-                pwmSession = PwmSessionFactory.readPwmSession( httpSession );
+                final PwmRequest pwmRequest = PwmRequest.forRequest( httpServletRequest, httpServletResponse );
+                pwmSession = pwmRequest.getPwmSession();
             }
             catch ( final PwmUnrecoverableException e )
             {
@@ -112,8 +115,6 @@ public class CookieManagementFilter implements Filter
                 }
             }
         }
-
-         */
     }
 
     public static void addSameSiteCookieAttribute( final HttpServletResponse response, final String value )