Merge pull request #823 from mposolda/master

KEYCLOAK-788 Ensure expired ClientSessions removed during UserSessionPro...
2014-10-30 23:34:27 +01:00 · 2014-10-30 23:34:27 +01:00 · 65362be4dd
commit 65362be4dd
parent 97907cd7ff a6ca925340
4 changed files with 47 additions and 1 deletions
--- a/model/sessions-infinispan/src/main/java/org/keycloak/models/sessions/infinispan/InfinispanUserSessionProvider.java
+++ b/model/sessions-infinispan/src/main/java/org/keycloak/models/sessions/infinispan/InfinispanUserSessionProvider.java
@ -210,6 +210,15 @@ public class InfinispanUserSessionProvider implements UserSessionProvider {
        for (String id : map.keySet()) {
            removeUserSession(realm, id);
        }
+
+        map = new MapReduceTask(sessionCache)
+                .mappedWith(ClientSessionMapper.create(realm.getId()).expiredRefresh(expiredRefresh).requireNullUserSession(true).emitKey())
+                .reducedWith(new FirstResultReducer())
+                .execute();
+
+        for (String id : map.keySet()) {
+            tx.remove(sessionCache, id);
+        }
    }

    @Override
--- a/model/sessions-infinispan/src/main/java/org/keycloak/models/sessions/infinispan/mapreduce/ClientSessionMapper.java
+++ b/model/sessions-infinispan/src/main/java/org/keycloak/models/sessions/infinispan/mapreduce/ClientSessionMapper.java
@ -28,6 +28,10 @@ public class ClientSessionMapper implements Mapper<String, SessionEntity, String

    private String userSession;

+    private Long expiredRefresh;
+
+    private Boolean requireNullUserSession = false;
+
    public static ClientSessionMapper create(String realm) {
        return new ClientSessionMapper(realm);
    }
@ -52,6 +56,16 @@ public class ClientSessionMapper implements Mapper<String, SessionEntity, String
        return this;
    }

+    public ClientSessionMapper expiredRefresh(long expiredRefresh) {
+        this.expiredRefresh = expiredRefresh;
+        return this;
+    }
+
+    public ClientSessionMapper requireNullUserSession(boolean requireNullUserSession) {
+        this.requireNullUserSession = requireNullUserSession;
+        return this;
+    }
+
    @Override
    public void map(String key, SessionEntity e, Collector collector) {
        if (!realm.equals(e.getRealm())) {
@ -72,6 +86,14 @@ public class ClientSessionMapper implements Mapper<String, SessionEntity, String
            return;
        }

+        if (requireNullUserSession && entity.getUserSession() != null) {
+            return;
+        }
+
+        if (expiredRefresh != null && entity.getTimestamp() > expiredRefresh) {
+            return;
+        }
+
        switch (emit) {
            case KEY:
                collector.emit(key, key);
--- a/model/sessions-mem/src/main/java/org/keycloak/models/sessions/mem/MemUserSessionProvider.java
+++ b/model/sessions-mem/src/main/java/org/keycloak/models/sessions/mem/MemUserSessionProvider.java
@ -194,7 +194,7 @@ public class MemUserSessionProvider implements UserSessionProvider {
        Iterator<ClientSessionEntity> citr = clientSessions.values().iterator();
        while (citr.hasNext()) {
            ClientSessionEntity c = citr.next();
-            if (c.getSession() == null && c.getTimestamp() < Time.currentTime() - realm.getSsoSessionIdleTimeout()) {
+            if (c.getSession() == null && c.getRealmId().equals(realm.getId()) && c.getTimestamp() < Time.currentTime() - realm.getSsoSessionIdleTimeout()) {
                citr.remove();
            }
        }
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/model/UserSessionProviderTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/model/UserSessionProviderTest.java
@ -244,12 +244,15 @@ public class UserSessionProviderTest {
    @Test
    public void testRemoveUserSessionsByExpired() {
        session.sessions().getUserSessions(realm, session.users().getUserByUsername("user1", realm));
+        ClientModel client = realm.findClient("test-app");

        try {
            Set<String> expired = new HashSet<String>();
+            Set<String> expiredClientSessions = new HashSet<String>();

            Time.setOffset(-(realm.getSsoSessionMaxLifespan() + 1));
            expired.add(session.sessions().createUserSession(realm, session.users().getUserByUsername("user1", realm), "user1", "127.0.0.1", "form", true).getId());
+            expiredClientSessions.add(session.sessions().createClientSession(realm, client).getId());

            Time.setOffset(0);
            UserSessionModel s = session.sessions().createUserSession(realm, session.users().getUserByUsername("user2", realm), "user2", "127.0.0.1", "form", true);
@ -257,9 +260,15 @@ public class UserSessionProviderTest {
            s.setLastSessionRefresh(0);
            expired.add(s.getId());

+            ClientSessionModel clSession = session.sessions().createClientSession(realm, client);
+            clSession.setUserSession(s);
+            expiredClientSessions.add(clSession.getId());
+
            Set<String> valid = new HashSet<String>();
+            Set<String> validClientSessions = new HashSet<String>();

            valid.add(session.sessions().createUserSession(realm, session.users().getUserByUsername("user1", realm), "user1", "127.0.0.1", "form", true).getId());
+            validClientSessions.add(session.sessions().createClientSession(realm, client).getId());

            resetSession();

@ -269,10 +278,16 @@ public class UserSessionProviderTest {
            for (String e : expired) {
                assertNull(session.sessions().getUserSession(realm, e));
            }
+            for (String e : expiredClientSessions) {
+                assertNull(session.sessions().getClientSession(realm, e));
+            }

            for (String v : valid) {
                assertNotNull(session.sessions().getUserSession(realm, v));
            }
+            for (String e : validClientSessions) {
+                assertNotNull(session.sessions().getClientSession(realm, e));
+            }
        } finally {
            Time.setOffset(0);
        }