Session API: tied SessionToken to SessionStore

Author: jknack

jooby/src/main/java/io/jooby/SessionOptions.java

@@ -5,13 +5,8 @@
  */
 package io.jooby;
 
-import io.jooby.internal.MemorySessionStore;
-import io.jooby.internal.MultipleSessionToken;
-import io.jooby.internal.SecretSessionToken;
-
 import javax.annotation.Nonnull;
 import java.security.SecureRandom;
-import java.time.Duration;
 import java.util.Base64;
 
 /**
@@ -25,47 +20,19 @@
  * @since 2.0.0
  */
 public class SessionOptions {
-  private static final Cookie DEFAULT_COOKIE = new Cookie("jooby.sid")
-      .setMaxAge(Duration.ofSeconds(-1))
-      .setHttpOnly(true)
-      .setPath("/");
-
   private static final int ID_SIZE = 30;
 
   private static final SecureRandom secure = new SecureRandom();
 
-  private SessionStore store = new MemorySessionStore();
-
-  private final SessionToken sessionToken;
-
-  /**
-   * Creates a session options.
-   *
-   * @param secret Secret key. Used to signed the cookie.
-   * @param sessionToken session ID.
-   */
-  public SessionOptions(@Nonnull String secret, @Nonnull SessionToken... sessionToken) {
-    this.sessionToken = new SecretSessionToken(createSessionId(sessionToken), secret);
-  }
+  private final SessionStore store;
 
-  /**
-   * Creates a session options.
-   *
-   * @param sessionToken session ID.
-   */
-  public SessionOptions(@Nonnull SessionToken... sessionToken) {
-    this.sessionToken = createSessionId(sessionToken);
+  public SessionOptions(SessionStore store) {
+    this.store = store;
   }
 
-  /**
-   * Session token strategy (cookie or header).
-   *
-   * @return Session token strategy (cookie or header).
-   */
-  public SessionToken getSessionToken() {
-    return sessionToken;
+  public SessionOptions() {
+    this(SessionStore.memory());
   }
-
   /**
    * Session store (defaults uses memory).
    *
@@ -75,17 +42,6 @@ public SessionToken getSessionToken() {
     return store;
   }
 
-  /**
-   * Set session store.
-   *
-   * @param store Session store.
-   * @return This options.
-   */
-  public @Nonnull SessionOptions setStore(@Nonnull SessionStore store) {
-    this.store = store;
-    return this;
-  }
-
   /**
    * Generates a Session ID.
    *
@@ -96,14 +52,4 @@ public SessionToken getSessionToken() {
     secure.nextBytes(bytes);
     return Base64.getUrlEncoder().withoutPadding().encodeToString(bytes);
   }
-
-  private static SessionToken createSessionId(@Nonnull SessionToken[] sessionId) {
-    if (sessionId.length == 0) {
-      return SessionToken.cookie(DEFAULT_COOKIE);
-    } else if (sessionId.length == 1) {
-      return sessionId[0];
-    } else {
-      return new MultipleSessionToken(sessionId);
-    }
-  }
 }

jooby/src/main/java/io/jooby/SessionStore.java

@@ -5,8 +5,11 @@
  */
 package io.jooby;
 
+import io.jooby.internal.MemorySessionStore;
+
 import javax.annotation.Nonnull;
 import javax.annotation.Nullable;
+import java.time.Duration;
 import java.time.Instant;
 
 /**
@@ -17,6 +20,13 @@
  */
 public interface SessionStore {
 
+  Cookie SID = new Cookie("jooby.sid")
+      .setMaxAge(Duration.ofSeconds(-1))
+      .setHttpOnly(true)
+      .setPath("/");
+
+  @Nonnull SessionToken getSessionToken();
+
   /**
    * Creates a new session. This method must:
    *
@@ -56,4 +66,16 @@ public interface SessionStore {
    * @param session Session to save.
    */
   void save(@Nonnull Context ctx);
+
+  static SessionStore memory() {
+    return memory(SID);
+  }
+
+  static SessionStore memory(Cookie cookie) {
+    return memory(SessionToken.cookie(cookie));
+  }
+
+  static SessionStore memory(SessionToken token) {
+    return new MemorySessionStore(token);
+  }
 }

jooby/src/main/java/io/jooby/internal/MemorySessionStore.java

@@ -6,11 +6,13 @@
 package io.jooby.internal;
 
 import io.jooby.Context;
+import io.jooby.Router;
 import io.jooby.Session;
 import io.jooby.SessionToken;
 import io.jooby.SessionOptions;
 import io.jooby.SessionStore;
 
+import javax.annotation.Nonnull;
 import java.time.Instant;
 import java.util.Map;
 import java.util.concurrent.ConcurrentHashMap;
@@ -30,6 +32,16 @@ public SessionData(Instant creationTime, Instant lastAccessedTime, Map hash) {
 
   private ConcurrentHashMap<String, SessionData> sessions = new ConcurrentHashMap<>();
 
+  private SessionToken token;
+
+  public MemorySessionStore(SessionToken token) {
+    this.token = token;
+  }
+
+  @Nonnull @Override public SessionToken getSessionToken() {
+    return token;
+  }
+
   @Override public Session newSession(Context ctx) {
     SessionOptions options = sessionOptions(ctx);
     String sessionId = options.generateId();
@@ -38,13 +50,12 @@ public SessionData(Instant creationTime, Instant lastAccessedTime, Map hash) {
         .setCreationTime(now)
         .setLastAccessedTime(now)
         .setNew(true);
-    options.getSessionToken().saveToken(ctx, sessionId);
+    token.saveToken(ctx, sessionId);
     return session;
   }
 
   @Override public Session findSession(Context ctx) {
-    SessionOptions options = sessionOptions(ctx);
-    String sessionId = options.getSessionToken().findToken(ctx);
+    String sessionId = token.findToken(ctx);
     if (sessionId == null) {
       return null;
     }
@@ -53,7 +64,7 @@ public SessionData(Instant creationTime, Instant lastAccessedTime, Map hash) {
       Session session = Session.create(ctx, sessionId, data.hash);
       session.setLastAccessedTime(data.lastAccessedTime);
       session.setCreationTime(data.creationTime);
-      options.getSessionToken().saveToken(ctx, sessionId);
+      token.saveToken(ctx, sessionId);
       return session;
     }
     return null;
@@ -62,9 +73,7 @@ public SessionData(Instant creationTime, Instant lastAccessedTime, Map hash) {
   @Override public void deleteSession(Context ctx) {
     String sessionId = ctx.session().getId();
     sessions.remove(sessionId);
-    SessionOptions options = sessionOptions(ctx);
-    SessionToken store = options.getSessionToken();
-    store.deleteToken(ctx, sessionId);
+    token.deleteToken(ctx, sessionId);
   }
 
   @Override public void save(Context ctx) {
@@ -79,6 +88,7 @@ public SessionData(Instant creationTime, Instant lastAccessedTime, Map hash) {
   }
 
   private static SessionOptions sessionOptions(Context ctx) {
-    return ctx.getRouter().getSessionOptions();
+    Router router = ctx.getRouter();
+    return router.getSessionOptions();
   }
 }

jooby/src/main/java/io/jooby/internal/SessionImpl.java

@@ -6,8 +6,10 @@
 package io.jooby.internal;
 
 import io.jooby.Context;
+import io.jooby.Router;
 import io.jooby.Session;
 import io.jooby.SessionOptions;
+import io.jooby.SessionStore;
 import io.jooby.Value;
 import io.jooby.ValueNode;
 
@@ -111,15 +113,24 @@ public SessionImpl(Context ctx, String id, Map<String, String> attributes) {
   @Override public void destroy() {
     ctx.getAttributes().remove(NAME);
     attributes.clear();
-    SessionOptions options = ctx.getRouter().getSessionOptions();
-    options.getSessionToken().deleteToken(ctx, id);
-    options.getStore().deleteSession(ctx);
+    SessionStore store = store(ctx);
+    store.getSessionToken().deleteToken(ctx, id);
+    store.deleteSession(ctx);
   }
 
   private void updateState() {
     modify = true;
     lastAccessedTime = Instant.now();
-    SessionOptions sessionOptions = ctx.getRouter().getSessionOptions();
-    sessionOptions.getSessionToken().saveToken(ctx, id);
+    store(ctx).getSessionToken().saveToken(ctx, id);
   }
+
+  private static SessionOptions options(Context ctx) {
+    Router router = ctx.getRouter();
+    return router.getSessionOptions();
+  }
+
+  private static SessionStore store(Context ctx) {
+    return options(ctx).getStore();
+  }
+
 }

tests/src/test/java/io/jooby/FeaturedTest.java

@@ -1748,7 +1748,7 @@ public void sessionCookie() {
     /**********************************************************************************************/
     new JoobyRunner(app -> {
       app.setSessionOptions(
-          new SessionOptions(SessionToken.cookie(new Cookie("my.sid").setMaxAge(1L)))
+          new SessionOptions(SessionStore.memory(new Cookie("my.sid").setMaxAge(1L)))
       );
       app.get("/session", ctx -> ctx.session().toMap());
       app.get("/sessionMaxAge", ctx -> Optional.ofNullable(ctx.sessionOrNull()).isPresent());
@@ -1763,8 +1763,9 @@ public void sessionCookie() {
 
   @Test
   public void signSession() {
+
     new JoobyRunner(app -> {
-      app.setSessionOptions(new SessionOptions("987654345!$009P"));
+      // app.setSessionOptions(new SessionOptions("987654345!$009P"));
       app.get("/findSession", ctx -> Optional.ofNullable(ctx.sessionOrNull()).isPresent());
       app.get("/getSession", ctx -> ctx.session().get("foo").value("none"));
       app.get("/putSession", ctx -> ctx.session().put("foo", "bar").get("foo").value());
@@ -1825,7 +1826,7 @@ public void signSession() {
   public void sessionHeader() {
     new JoobyRunner(app -> {
 
-      app.setSessionOptions(new SessionOptions(SessionToken.header("jooby.sid")));
+      app.setSessionOptions(new SessionOptions(SessionStore.memory(SessionToken.header("jooby.sid"))));
 
       app.get("/findSession", ctx -> Optional.ofNullable(ctx.sessionOrNull()).isPresent());
       app.get("/getSession", ctx -> ctx.session().get("foo").value("none"));