Skip to content

GuiServerAuthSessionManager

class GuiServerAuthSessionManager : public std::enable_shared_from_this<GuiServerAuthSessionManager>

@brief Manages user-authentication GUI Sessions.

Takes care of authorizing one-time session tokens to start sessions and of communicating sessions about to expire or already expired.

Functions

Name Description
GuiServerAuthSessionManager @brief Construct a new Gui Server Session Manager object topic : the Karabo topic against which session tokens will be authorized. authServerUrl : the URL of the authentication server to use for authorizing one-time temporary session tokens. sessionDurationSeconds : the duration, in seconds, to be enforced for sessions. sessionEndNoticeSeconds : the time in advance, in seconds, to communicate about an eminent end of session event. onEminentExpiration : handler for sessions about to expire. onExpiration : handler for expired sessions.
beginSession @brief Asynchronously starts a new session for a given one-time session token.
endSession @brief Synchronously terminates a session referenced by a given session token.
isSessionExpiring @brief Checks whether a session is "about" to expire - current time is between the expiration notice and expiration timepoints for the session sessionToken : the one-time token bound to the session to be checked @throws KARABO_PARAMETER_EXCEPTION if sessionToken doesn't correspond to a known session.
checkSessionsExpirations @brief Checks the currently active sessions removing the expired ones after invoking the registered expiration handlers for each of them.
onTokenAuthorizeResult @brief Handles the result of a session token authorization request, updating the internal state of the manager and communicating the outcome of the begin session request to the external requestor.
scheduleNextExpirationsCheck @brief Schedules the next expiration check if there's any session to be checked.

Function Details

GuiServerAuthSessionManager

GuiServerAuthSessionManager(const std::string& topic, const std::string& authServerUrl, unsigned int sessionDurationSeconds, unsigned int sessionEndNoticeSeconds, EminentExpirationHandler onEminentExpiration, ExpirationHandler onExpiration)

@brief Construct a new Gui Server Session Manager object

topic : the Karabo topic against which session tokens will be authorized.

authServerUrl : the URL of the authentication server to use for authorizing one-time temporary session tokens.

sessionDurationSeconds : the duration, in seconds, to be enforced for sessions.

sessionEndNoticeSeconds : the time in advance, in seconds, to communicate about an eminent end of session event.

onEminentExpiration : handler for sessions about to expire.

onExpiration : handler for expired sessions.

beginSession

void beginSession(const std::string& sessionToken, const BeginSessionHandler& onBeginSession)

@brief Asynchronously starts a new session for a given one-time session token.

sessionToken : the one-time session token to be authorized and bound to the started session.

onBeginSession : handler for begin session events (either successful or failed).

Note

Calls the registered BeginSessionHandler with the results of the beginSession operation.

checkSessionsExpirations

void checkSessionsExpirations(const boost::system::error_code& error)

@brief Checks the currently active sessions removing the expired ones after invoking the registered expiration handlers for each of them.

error : an error code sent by boost::asio that if different from 0 indicates that the timer pulse that should invoke this check at some future point has been cancelled.

endSession

EndSessionResult endSession(const std::string& sessionToken)

@brief Synchronously terminates a session referenced by a given session token.

sessionToken : the one-time session token bound to the session to be terminated.

Return : a structure with the endSession operation results.

Note

an error due to a beginSession token not found isn't necessarily an error from the GUI client point of view. In the unlikely scenario of an endSession request that reaches the GUI server while the expiration check that will detect the expiration of the same token is already running, the end session request will "fail" with a "token not found" message. It is up to the GUI client to decide what to do in such cases - maybe keep track of an "over the wire" end session request token and ignore any error related to it if an expiration notification is received for that token between the request dispatch and the arrival of its response.

isSessionExpiring

bool isSessionExpiring(const std::string& sessionToken)

@brief Checks whether a session is "about" to expire - current time is between the expiration notice and expiration timepoints for the session

sessionToken : the one-time token bound to the session to be checked

@throws KARABO_PARAMETER_EXCEPTION if sessionToken doesn't correspond to a known session.

onTokenAuthorizeResult

void onTokenAuthorizeResult(const std::string& sessionToken, const BeginSessionHandler& onBeginSession, const karabo::net::OneTimeTokenAuthorizeResult& authResult)

@brief Handles the result of a session token authorization request, updating the internal state of the manager and communicating the outcome of the begin session request to the external requestor.

sessionToken : the one-time session token whose authorization was requested.

onBeginSession : handler for begin session events (either successful or failed).

authResult : the result of the authorization of the session token provided by the external caller of the begin session operation.

scheduleNextExpirationsCheck

void scheduleNextExpirationsCheck()

@brief Schedules the next expiration check if there's any session to be checked.

Note

this method must be called with the m_sessionsMutex locked.