Finished

2026-02-11 23:20:06 +01:00
parent 87a28b3749
commit 7f0c30a358
16 changed files with 870 additions and 128 deletions
--- a/src/main/java/org/openautonomousconnection/webserver/api/SessionContext.java
+++ b/src/main/java/org/openautonomousconnection/webserver/api/SessionContext.java
@@ -5,14 +5,17 @@ import org.openautonomousconnection.protocol.side.web.ProtocolWebServer;
 import org.openautonomousconnection.protocol.side.web.managers.SessionManager;

 import java.io.IOException;
+import java.util.Locale;
 import java.util.Map;

 /**
 * Provides session-related information for Java WebPages.
- * Thin layer on top of SessionManager.
+ * Reads session id primarily from Cookie header ("session=...").
 */
 public final class SessionContext {

+    private static final String COOKIE_NAME = "session";
+
    private final String sessionId;
    private final String user;
    private final boolean valid;
@@ -23,16 +26,30 @@ public final class SessionContext {
        this.valid = valid;
    }

+    /**
+     * Creates a SessionContext from request headers (case-insensitive).
+     *
+     * @param client  connected client
+     * @param server  web server
+     * @param headers request headers
+     * @return session context
+     * @throws IOException on errors
+     */
    public static SessionContext from(CustomConnectedClient client, ProtocolWebServer server, Map<String, String> headers) throws IOException {
-        if (headers == null) return new SessionContext(null, null, false);
+        if (headers == null || headers.isEmpty()) return new SessionContext(null, null, false);

-        String sessionId = headers.get("session");
-        if (sessionId == null) return new SessionContext(null, null, false);
+        String sessionId = extractSessionId(headers);
+        if (sessionId == null || sessionId.isBlank()) return new SessionContext(null, null, false);

-        String ip = (client.getConnection().getTcpSocket() != null && client.getConnection().getTcpSocket().getInetAddress() != null)
-                ? client.getConnection().getTcpSocket().getInetAddress().getHostAddress() : "";
+        String ip = (client != null
+                && client.getConnection() != null
+                && client.getConnection().getTcpSocket() != null
+                && client.getConnection().getTcpSocket().getInetAddress() != null)
+                ? client.getConnection().getTcpSocket().getInetAddress().getHostAddress()
+                : "";

-        String userAgent = headers.getOrDefault("user-agent", "");
+        String userAgent = getHeaderIgnoreCase(headers, "user-agent");
+        if (userAgent == null) userAgent = "";

        boolean valid = SessionManager.isValid(sessionId, ip, userAgent, server);
        if (!valid) return new SessionContext(sessionId, null, false);
@@ -41,15 +58,65 @@ public final class SessionContext {
        return new SessionContext(sessionId, user, true);
    }

+    private static String extractSessionId(Map<String, String> headers) {
+        // 1) Cookie header preferred
+        String cookie = getHeaderIgnoreCase(headers, "cookie");
+        String fromCookie = parseCookie(cookie, COOKIE_NAME);
+        if (fromCookie != null && !fromCookie.isBlank()) return fromCookie;
+
+        // 2) Backward-compatible fallback: old custom header
+        String legacy = getHeaderIgnoreCase(headers, "session");
+        return (legacy == null || legacy.isBlank()) ? null : legacy.trim();
+    }
+
+    private static String parseCookie(String cookieHeader, String name) {
+        if (cookieHeader == null || cookieHeader.isBlank() || name == null || name.isBlank()) return null;
+
+        String[] parts = cookieHeader.split(";");
+        for (String p : parts) {
+            String t = p.trim();
+            int eq = t.indexOf('=');
+            if (eq <= 0) continue;
+
+            String k = t.substring(0, eq).trim();
+            if (!k.equalsIgnoreCase(name)) continue;
+
+            String v = t.substring(eq + 1).trim();
+            return v.isEmpty() ? null : v;
+        }
+        return null;
+    }
+
+    private static String getHeaderIgnoreCase(Map<String, String> headers, String key) {
+        if (key == null) return null;
+        String needle = key.trim().toLowerCase(Locale.ROOT);
+        for (Map.Entry<String, String> e : headers.entrySet()) {
+            if (e.getKey() == null) continue;
+            if (e.getKey().trim().toLowerCase(Locale.ROOT).equals(needle)) {
+                return e.getValue();
+            }
+        }
+        return null;
+    }
+
+    /**
+     * @return whether session is valid
+     */
    public boolean isValid() {
        return valid;
    }

+    /**
+     * @return session id
+     */
    public String getSessionId() {
        return sessionId;
    }

+    /**
+     * @return user id stored in session (string)
+     */
    public String getUser() {
        return user;
    }
-}
+}