Session creation : Get and Set Oem ClientID

This commit implements handling the OemSession ClientID parameter for the IBM management console. Each session gets a random generated unique Id (Resource Id); but this Id is not a parameter that the client can set to a well known identifier. This Oem parameter ClientID is the string which the client can supply to uniquely identify itself among other sessions in the BMC. This is a read-only property which shall be passed in only during the session creation. 1. Create session by supplying the ClientID Oem parameter 2. Display the ClientID associated with the session 3. Persist the ClientID across BMC reboot Tested by: ============ 1. POST https://${bmc}/redfish/v1/SessionService/Sessions -d '{"UserName":"root", "Password":<>, "Oem":{"OpenBMC" : {"ClientID":"<client unique id>"}}}' 2. GET https://${bmc}/redfish/v1/SessionService/Sessions/<id> { "@odata.id": "/redfish/v1/SessionService/Sessions/<id>", "@odata.type": "#Session.v1_0_2.Session", "Description": "Manager User Session", "Id": "<id>", "Name": "User Session", "Oem": { "OpenBMC": { "@odata.type": "#OemSession.v1_0_0.Session", "ClientID": "<client unique id>" } }, "UserName": "root" } 3. Verified the session creation works fine without the Oem parameters. 4. Redfish validator Signed-off-by: Sunitha Harish <sunithaharish04@gmail.com> Change-Id: Ia740a610e3974dc3781bcee702c74ded9903944a
author: Sunitha Harish <sunithaharish04@gmail.com> 2020-05-12 13:17:57 +0300
committer: Sunitha Harish <sunithaharish04@gmail.com> 2020-06-17 07:22:05 +0300
commit: 08bdcc71e5804db9b5c35361e8456e636d258b04 (patch)
tree: 9a2d82d50821a2faf833916eb41f10ddc0701626 /include/sessions.hpp
parent: 8114bd4d9ba4b927ecd2c2eeb3fc0885f684ad25 (diff)
download: bmcweb-08bdcc71e5804db9b5c35361e8456e636d258b04.tar.xz
1 files changed, 19 insertions, 6 deletions
diff --git a/include/sessions.hpp b/include/sessions.hpp
index 1176cfca47..e4558094a8 100644
--- a/include/sessions.hpp
+++ b/include/sessions.hpp
@@ -43,6 +43,7 @@ struct UserSession
     std::string sessionToken;
     std::string username;
     std::string csrfToken;
+    std::string clientId;
     std::chrono::time_point<std::chrono::steady_clock> lastUpdated;
     PersistenceType persistence;
     bool cookieAuth = false;
@@ -96,6 +97,10 @@ struct UserSession
             {
                 userSession->username = *thisValue;
             }
+            else if (element.key() == "client_id")
+            {
+                userSession->clientId = *thisValue;
+            }
             else
             {
                 BMCWEB_LOG_ERROR
@@ -207,7 +212,7 @@ class SessionStore
     std::shared_ptr<UserSession> generateUserSession(
         const std::string_view username,
         PersistenceType persistence = PersistenceType::TIMEOUT,
-        bool isConfigureSelfOnly = false)
+        bool isConfigureSelfOnly = false, const std::string_view clientId = "")
     {
         // TODO(ed) find a secure way to not generate session identifiers if
         // persistence is set to SINGLE_REQUEST
@@ -254,11 +259,10 @@ class SessionStore
                 return nullptr;
             }
         }
-
-        auto session = std::make_shared<UserSession>(
-            UserSession{uniqueId, sessionToken, std::string(username),
-                        csrfToken, std::chrono::steady_clock::now(),
-                        persistence, false, isConfigureSelfOnly});
+        auto session = std::make_shared<UserSession>(UserSession{
+            uniqueId, sessionToken, std::string(username), csrfToken,
+            std::string(clientId), std::chrono::steady_clock::now(),
+            persistence, false, isConfigureSelfOnly});
         auto it = authTokens.emplace(std::make_pair(sessionToken, session));
         // Only need to write to disk if session isn't about to be destroyed.
         needWrite = persistence == PersistenceType::TIMEOUT;
@@ -423,10 +427,19 @@ struct adl_serializer<std::shared_ptr<crow::persistent_data::UserSession>>
         if (p->persistence !=
             crow::persistent_data::PersistenceType::SINGLE_REQUEST)
         {
+#ifdef BMCWEB_ENABLE_IBM_MANAGEMENT_CONSOLE
+            j = nlohmann::json{{"unique_id", p->uniqueId},
+                               {"session_token", p->sessionToken},
+                               {"username", p->username},
+                               {"csrf_token", p->csrfToken},
+                               { "client_id",
+                                 p->clientId }};
+#else
             j = nlohmann::json{{"unique_id", p->uniqueId},
                                {"session_token", p->sessionToken},
                                {"username", p->username},
                                {"csrf_token", p->csrfToken}};
+#endif
         }
     }
 };
author	Sunitha Harish <sunithaharish04@gmail.com>	2020-05-12 13:17:57 +0300
committer	Sunitha Harish <sunithaharish04@gmail.com>	2020-06-17 07:22:05 +0300
commit	08bdcc71e5804db9b5c35361e8456e636d258b04 (patch)
tree	9a2d82d50821a2faf833916eb41f10ddc0701626 /include/sessions.hpp
parent	8114bd4d9ba4b927ecd2c2eeb3fc0885f684ad25 (diff)
download	bmcweb-08bdcc71e5804db9b5c35361e8456e636d258b04.tar.xz