From 674db5d84374b53dca22fb5ea783631b2180bf80 Mon Sep 17 00:00:00 2001
From: Stephan Richter
Date: Sat, 10 Aug 2024 21:18:21 +0200
Subject: [PATCH] implemented clean-up
Signed-off-by: Stephan Richter
---
 .../oidc/datastore/file/FileStore.java | 47 ++++++++++++++++++-
 .../src/main/resources/en/todo.html | 2 +-
 2 files changed, 46 insertions(+), 3 deletions(-)
diff --git a/de.srsoftware.oidc.datastore.file/src/main/java/de/srsoftware/oidc/datastore/file/FileStore.java b/de.srsoftware.oidc.datastore.file/src/main/java/de/srsoftware/oidc/datastore/file/FileStore.java
index 1ab4b8c..8ac3404 100644
--- a/de.srsoftware.oidc.datastore.file/src/main/java/de/srsoftware/oidc/datastore/file/FileStore.java
+++ b/de.srsoftware.oidc.datastore.file/src/main/java/de/srsoftware/oidc/datastore/file/FileStore.java
@@ -4,7 +4,7 @@ import static de.srsoftware.oidc.api.Constants.*;
 import static de.srsoftware.oidc.api.data.User.*;
 import static de.srsoftware.utils.Optionals.nullable;
 import static de.srsoftware.utils.Strings.uuid;
-import static java.lang.System.Logger.Level.WARNING;
+import static java.lang.System.Logger.Level.*;
 import static java.util.Optional.empty;
 import de.srsoftware.oidc.api.*;
@@ -20,6 +20,9 @@ import java.time.Duration;
 import java.time.Instant;
 import java.time.temporal.ChronoUnit;
 import java.util.*;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+
 import org.json.JSONObject;
 public class FileStore implements AuthorizationService, ClientService, SessionService, UserService, MailConfig {
@@ -54,7 +57,48 @@ public class FileStore implements AuthorizationService, ClientService, SessionSe
 auth = null; // lazy init!
 }
+ private void cleanUp() {
+ var now = Instant.now();
+ var sessions = json.getJSONObject(SESSIONS);
+ LOG.log(DEBUG,"cleaning up sessions…");
+ var sessionIds = Set.copyOf(sessions.keySet());
+ for (var sessionId : sessionIds) {
+ var session = sessions.getJSONObject(sessionId);
+ var expiration = Instant.ofEpochSecond(session.getLong(EXPIRATION));
+ if (expiration.isBefore(now)) {
+ sessions.remove(sessionId);
+ LOG.log(DEBUG,"removed old session {0}.",sessionId);
+ }
+ }
+
+ var authorizations = json.getJSONObject(AUTHORIZATIONS);
+ var authorizationUsers = Set.copyOf(authorizations.keySet());
+ var userIds = list().stream().map(User::uuid).collect(Collectors.toSet());
+ for (var userId : authorizationUsers){
+ if (!userIds.contains(userId)) {
+ authorizations.remove(userId);
+ continue;
+ }
+ var clients = authorizations.getJSONObject(userId);
+ var clientIds = Set.copyOf(clients.keySet());
+ for (var clientId : clientIds){
+ var client = clients.getJSONObject(clientId);
+ var scopes = Set.copyOf(client.keySet());
+ for (var scope : scopes){
+ var expiration = Instant.ofEpochSecond(client.getLong(scope));
+ if (expiration.isBefore(now)) {
+ client.remove(scope);
+ }
+ }
+ if (client.isEmpty()) clients.remove(clientId);
+ }
+ if (clients.isEmpty()) authorizations.remove(userId);
+ }
+ }
+
+
 public FileStore save() {
+ cleanUp();
 try {
 Files.writeString(storageFile, json.toString(2));
 return this;
@@ -63,7 +107,6 @@ public class FileStore implements AuthorizationService, ClientService, SessionSe
 }
 }
-
 /*** User Service Methods ***/
 @Override
diff --git a/de.srsoftware.oidc.web/src/main/resources/en/todo.html b/de.srsoftware.oidc.web/src/main/resources/en/todo.html
index f3f2f10..b20dcfe 100644
--- a/de.srsoftware.oidc.web/src/main/resources/en/todo.html
+++ b/de.srsoftware.oidc.web/src/main/resources/en/todo.html
@@ -18,7 +18,7 @@
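Review bot: cleanUp() runs in save() ahead of the `try`, and it reads every record with `getJSONObject(...)` / `getLong(...)`, which throw `JSONException` on a missing key or a wrong type, so one malformed session or authorization entry in the store would make each later save() throw before `Files.writeString` is reached. Treating an unreadable expiry as already expired keeps the purge fail-closed and the store writable: `var expiration = Instant.ofEpochSecond(session.optLong(EXPIRATION, 0));`, and the same with `client.optLong(scope, 0)` in the scope loop (the `getJSONObject` calls need equivalent care). Since the purge only happens on save(), expired sessions and grants stay in `json` until the next write; the lookup methods are not part of this hunk, so it should be confirmed that they compare the expiration with the current time themselves instead of relying on this clean-up. save() ends outside the hunk, its catch clause is not shown.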
  • invalidate tokens
  • implement token refresh
  • handle https correctly in PathHandler.hostname
  • -
  • bessere Implementierung für UserController.stron(pass), anwendung überall da wo passworte geändert werden können
  • +
  • bessere Implementierung für UserController.strong(pass), anwendung überall da wo passworte geändert werden können