decoupling sesson object from user object

Signed-off-by: Stephan Richter <s.richter@srsoftware.de>
2024-09-10 23:27:17 +02:00
parent f600040c0e
commit 2f4726d1e7
10 changed files with 114 additions and 56 deletions
--- a/de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/ClientController.java
+++ b/de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/ClientController.java
@@ -22,11 +22,13 @@ public class ClientController extends Controller {
 	private static final System.Logger LOG = System.getLogger(ClientController.class.getSimpleName());
 	private final AuthorizationService authorizations;
 	private final ClientService	   clients;
+	private final UserService	   users;

 	public ClientController(AuthorizationService authorizationService, ClientService clientService, SessionService sessionService, UserService userService) {
-		super(sessionService, userService);
+		super(sessionService);
 		authorizations = authorizationService;
 		clients        = clientService;
+		users          = userService;
 	}

 	private boolean authorizationError(HttpExchange ex, String errorCode, String description, String state) throws IOException {
@@ -38,7 +40,9 @@ public class ClientController extends Controller {
 	}

 	private boolean authorize(HttpExchange ex, Session session) throws IOException {
-		var user  = session.user();
+		var optUser = users.load(session.userId());
+		if (optUser.isEmpty()) return invalidSessionUser(ex);
+		var user  = optUser.get();
 		var json  = json(ex);
 		var state = json.has(STATE) ? json.getString(STATE) : null;
 		if (!json.has(CLIENT_ID)) return authorizationError(ex, INVALID_REQUEST, "Missing required parameter \"%s\"!".formatted(CLIENT_ID), state);
@@ -95,7 +99,9 @@ public class ClientController extends Controller {
 	}

 	private boolean deleteClient(HttpExchange ex, Session session) throws IOException {
-		if (!session.user().hasPermission(MANAGE_CLIENTS)) return badRequest(ex, "NOT ALLOWED");
+		var optUser = users.load(session.userId());
+		if (optUser.isEmpty()) return invalidSessionUser(ex);
+		if (!optUser.get().hasPermission(MANAGE_CLIENTS)) return badRequest(ex, "NOT ALLOWED");
 		var json = json(ex);
 		var id   = json.getString(CLIENT_ID);
 		clients.getClient(id).ifPresent(clients::remove);
@@ -110,7 +116,11 @@ public class ClientController extends Controller {

 		// post-login paths
 		var session = optSession.get();
-		sessions.extend(session);
+		var optUser = users.load(session.userId());
+		if (optUser.isEmpty()) return invalidSessionUser(ex);
+		var user = optUser.get();
+		sessions.extend(session, user);
+
 		switch (path) {
 			case "/":
 				return deleteClient(ex, session);
@@ -126,7 +136,11 @@ public class ClientController extends Controller {

 		// post-login paths
 		var session = optSession.get();
-		sessions.extend(session);
+		var optUser = users.load(session.userId());
+		if (optUser.isEmpty()) return invalidSessionUser(ex);
+		var user = optUser.get();
+		sessions.extend(session, user);
+
 		switch (path) {
 			case "/":
 				return load(ex, session);
@@ -141,8 +155,9 @@ public class ClientController extends Controller {
 	}

 	private boolean list(HttpExchange ex, Session session) throws IOException {
-		var user = session.user();
-		if (!user.hasPermission(MANAGE_CLIENTS)) return sendEmptyResponse(HTTP_FORBIDDEN, ex);
+		var optUser = users.load(session.userId());
+		if (optUser.isEmpty()) return invalidSessionUser(ex);
+		if (!optUser.get().hasPermission(MANAGE_CLIENTS)) return sendEmptyResponse(HTTP_FORBIDDEN, ex);
 		var json = new JSONObject();
 		clients.listClients().forEach(client -> json.put(client.id(), Map.of("name", client.name(), "redirect_uris", client.redirectUris())));
 		return sendContent(ex, json);
@@ -150,7 +165,9 @@ public class ClientController extends Controller {


 	private boolean load(HttpExchange ex, Session session) throws IOException {
-		if (!session.user().hasPermission(MANAGE_CLIENTS)) return sendEmptyResponse(HTTP_FORBIDDEN, ex);
+		var optUser = users.load(session.userId());
+		if (optUser.isEmpty()) return invalidSessionUser(ex);
+		if (!optUser.get().hasPermission(MANAGE_CLIENTS)) return sendEmptyResponse(HTTP_FORBIDDEN, ex);
 		var json = json(ex);
 		if (json.has(CLIENT_ID)) {
 			var clientID = json.getString(CLIENT_ID);
@@ -161,7 +178,9 @@ public class ClientController extends Controller {
 	}

 	private boolean save(HttpExchange ex, Session session) throws IOException {
-		if (!session.user().hasPermission(MANAGE_CLIENTS)) return badRequest(ex, "NOT ALLOWED");
+		var optUser = users.load(session.userId());
+		if (optUser.isEmpty()) return invalidSessionUser(ex);
+		if (!optUser.get().hasPermission(MANAGE_CLIENTS)) return badRequest(ex, "NOT ALLOWED");
 		var json      = json(ex);
 		var redirects = new HashSet<String>();
 		for (Object o : json.getJSONArray(REDIRECT_URIS)) {
--- a/de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/Controller.java
+++ b/de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/Controller.java
@@ -5,20 +5,22 @@ import com.sun.net.httpserver.HttpExchange;
 import de.srsoftware.http.PathHandler;
 import de.srsoftware.http.SessionToken;
 import de.srsoftware.oidc.api.SessionService;
-import de.srsoftware.oidc.api.UserService;
 import de.srsoftware.oidc.api.data.Session;
+import java.io.IOException;
 import java.util.Optional;

 public abstract class Controller extends PathHandler {
 	protected final SessionService sessions;
-	private final UserService      users;

-	Controller(SessionService sessionService, UserService userService) {
+	Controller(SessionService sessionService) {
 		sessions = sessionService;
-		users    = userService;
 	}

 	protected Optional<Session> getSession(HttpExchange ex) {
-		return SessionToken.from(ex).map(SessionToken::sessionId).flatMap(sessionId -> sessions.retrieve(sessionId, users));
+		return SessionToken.from(ex).map(SessionToken::sessionId).flatMap(sessionId -> sessions.retrieve(sessionId));
+	}
+
+	protected boolean invalidSessionUser(HttpExchange ex) throws IOException {
+		return serverError(ex, "Session object refers to missing user");
 	}
 }
--- a/de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/EmailController.java
+++ b/de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/EmailController.java
@@ -14,11 +14,13 @@ import de.srsoftware.oidc.api.data.Session;
 import java.io.IOException;

 public class EmailController extends Controller {
-	private final MailConfig mailConfig;
+	private final MailConfig  mailConfig;
+	private final UserService users;

 	public EmailController(MailConfig mailConfig, SessionService sessionService, UserService userService) {
-		super(sessionService, userService);
+		super(sessionService);
 		this.mailConfig = mailConfig;
+		users	= userService;
 	}

 	@Override
@@ -26,7 +28,11 @@ public class EmailController extends Controller {
 		var optSession = getSession(ex);
 		if (optSession.isEmpty()) return sendEmptyResponse(HTTP_UNAUTHORIZED, ex);
 		var session = optSession.get();
-		sessions.extend(session);
+		var optUser = users.load(session.userId());
+		if (optUser.isEmpty()) return invalidSessionUser(ex);
+		var user = optUser.get();
+		sessions.extend(session, user);
+
 		switch (path) {
 			case "/settings":
 				return provideSettings(ex, session);
@@ -39,7 +45,10 @@ public class EmailController extends Controller {
 		var optSession = getSession(ex);
 		if (optSession.isEmpty()) return sendEmptyResponse(HTTP_UNAUTHORIZED, ex);
 		var session = optSession.get();
-		sessions.extend(session);
+		var optUser = users.load(session.userId());
+		if (optUser.isEmpty()) return invalidSessionUser(ex);
+		var user = optUser.get();
+		sessions.extend(session, user);

 		switch (path) {
 			case "/settings":
@@ -49,12 +58,16 @@ public class EmailController extends Controller {
 	}

 	private boolean provideSettings(HttpExchange ex, Session session) throws IOException {
-		if (!session.user().hasPermission(MANAGE_SMTP)) return sendEmptyResponse(HTTP_FORBIDDEN, ex);
+		var optUser = users.load(session.userId());
+		if (optUser.isEmpty()) return invalidSessionUser(ex);
+		if (!optUser.get().hasPermission(MANAGE_SMTP)) return sendEmptyResponse(HTTP_FORBIDDEN, ex);
 		return sendContent(ex, mailConfig.map());
 	}

 	private boolean saveSettings(HttpExchange ex, Session session) throws IOException {
-		if (!session.user().hasPermission(MANAGE_SMTP)) return sendEmptyResponse(HTTP_FORBIDDEN, ex);
+		var optUser = users.load(session.userId());
+		if (optUser.isEmpty()) return invalidSessionUser(ex);
+		if (!optUser.get().hasPermission(MANAGE_SMTP)) return sendEmptyResponse(HTTP_FORBIDDEN, ex);
 		var data = json(ex);
 		if (data.has(SMTP_HOST)) mailConfig.smtpHost(data.getString(SMTP_HOST));
 		if (data.has(SMTP_PORT)) mailConfig.smtpPort(data.getInt(SMTP_PORT));
--- a/de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/UserController.java
+++ b/de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/UserController.java
@@ -30,7 +30,7 @@ public class UserController extends Controller {
 	private final ResourceLoader resourceLoader;

 	public UserController(MailConfig mailConfig, SessionService sessionService, UserService userService, ResourceLoader resourceLoader) {
-		super(sessionService, userService);
+		super(sessionService);
 		users	    = userService;
 		this.mailConfig	    = mailConfig;
 		this.resourceLoader = resourceLoader;
@@ -51,9 +51,11 @@ public class UserController extends Controller {
 	public boolean doDelete(String path, HttpExchange ex) throws IOException {
 		var optSession = getSession(ex);
 		if (optSession.isEmpty()) return sendEmptyResponse(HTTP_UNAUTHORIZED, ex);
-
-		// post-login paths
-		var user = sessions.extend(optSession.get()).user();
+		var session = optSession.get();
+		var optUser = users.load(session.userId());
+		if (optUser.isEmpty()) return invalidSessionUser(ex);
+		var user = optUser.get();
+		sessions.extend(session, user);

 		switch (path) {
 			case "/delete":
@@ -88,10 +90,11 @@ public class UserController extends Controller {
 		}
 		var optSession = getSession(ex);
 		if (optSession.isEmpty()) return sendEmptyResponse(HTTP_UNAUTHORIZED, ex);
-
-		// post-login paths
 		var session = optSession.get();
-		sessions.extend(session);
+		var optUser = users.load(session.userId());
+		if (optUser.isEmpty()) return invalidSessionUser(ex);
+		var user = optUser.get();
+		sessions.extend(session, user);

 		switch (path) {
 			case "/logout":
@@ -112,15 +115,15 @@ public class UserController extends Controller {
 		}
 		var optSession = getSession(ex);
 		if (optSession.isEmpty()) return sendEmptyResponse(HTTP_UNAUTHORIZED, ex);
-
-		// post-login paths
 		var session = optSession.get();
-		sessions.extend(session);
-		var user = session.user();
+		var optUser = users.load(session.userId());
+		if (optUser.isEmpty()) return invalidSessionUser(ex);
+		var user = optUser.get();
+		sessions.extend(session, user);

 		switch (path) {
 			case "/":
-				return sendUserAndCookie(ex, session);
+				return sendUserAndCookie(ex, session, user);
 			case "/add":
 				return addUser(ex, user);
 			case "/list":
@@ -192,7 +195,7 @@ public class UserController extends Controller {
 		var password = body.has(PASSWORD) ? body.getString(PASSWORD) : null;

 		Optional<User> user = users.load(username, password);
-		if (user.isPresent()) return sendUserAndCookie(ex, sessions.createSession(user.get()));
+		if (user.isPresent()) return sendUserAndCookie(ex, sessions.createSession(user.get()), user.get());
 		return sendEmptyResponse(HTTP_UNAUTHORIZED, ex);
 	}

@@ -262,9 +265,9 @@ public class UserController extends Controller {
 		}
 	}

-	private boolean sendUserAndCookie(HttpExchange ex, Session session) throws IOException {
+	private boolean sendUserAndCookie(HttpExchange ex, Session session, User user) throws IOException {
 		new SessionToken(session.id()).addTo(ex);
-		return sendContent(ex, session.user().map(false));
+		return sendContent(ex, user.map(false));
 	}