Fetch the ClientIP during session creation

This commit saves the IP Address of the client from where the session was created. - This is not a user supplied value. The BMC will internally pull the IP address from the incoming create-session request. - It should also be noted that ClientIP will not change if the same session token is used from some other IP address for further management of the BMC. Tested by: 1. Create session 2. Display the Session details with GET command to check the IP from where the session is created/updated. GET https://${bmc}/redfish/v1/SessionService/Sessions/<id> { "@odata.id": "/redfish/v1/SessionService/Sessions/<id>", "@odata.type": "#Session.v1_0_2.Session", "Description": "Manager User Session", "Id": "<id>", "Name": "User Session", "Oem": { "OpenBMC": { "@odata.type": "#OemSession.v1_0_0.Session", "ClientOriginIP": "<ip address>" } }, "UserName": "root" } 3. Redfish validator is run successfully. Signed-off-by: Sunitha Harish <sunithaharish04@gmail.com> Change-Id: I0076f260f50a991600ec060c72f3e46fb9a9cbb8
author: Sunitha Harish <sunithaharish04@gmail.com> 2020-05-28 13:09:09 +0300
committer: Sunitha Harish <sunithaharish04@gmail.com> 2020-06-17 07:26:05 +0300
commit: 92f682233ff0b8b20692e337632326cbd5a03676 (patch)
tree: dc700a9cfdc6a944581247e62df40dd8a5affa48 /include/sessions.hpp
parent: 566329ee0f19fed19cca49aafe7a43799f6c0bba (diff)
download: bmcweb-92f682233ff0b8b20692e337632326cbd5a03676.tar.xz
1 files changed, 19 insertions, 12 deletions
diff --git a/include/sessions.hpp b/include/sessions.hpp
index e4558094a8..217ce95e73 100644
--- a/include/sessions.hpp
+++ b/include/sessions.hpp
@@ -44,6 +44,7 @@ struct UserSession
     std::string username;
     std::string csrfToken;
     std::string clientId;
+    std::string clientIp;
     std::chrono::time_point<std::chrono::steady_clock> lastUpdated;
     PersistenceType persistence;
     bool cookieAuth = false;
@@ -101,6 +102,11 @@ struct UserSession
             {
                 userSession->clientId = *thisValue;
             }
+            else if (element.key() == "client_ip")
+            {
+                userSession->clientIp = *thisValue;
+            }
+
             else
             {
                 BMCWEB_LOG_ERROR
@@ -212,7 +218,8 @@ class SessionStore
     std::shared_ptr<UserSession> generateUserSession(
         const std::string_view username,
         PersistenceType persistence = PersistenceType::TIMEOUT,
-        bool isConfigureSelfOnly = false, const std::string_view clientId = "")
+        bool isConfigureSelfOnly = false, const std::string_view clientId = "",
+        const std::string_view clientIp = "")
     {
         // TODO(ed) find a secure way to not generate session identifiers if
         // persistence is set to SINGLE_REQUEST
@@ -259,10 +266,11 @@ class SessionStore
                 return nullptr;
             }
         }
-        auto session = std::make_shared<UserSession>(UserSession{
-            uniqueId, sessionToken, std::string(username), csrfToken,
-            std::string(clientId), std::chrono::steady_clock::now(),
-            persistence, false, isConfigureSelfOnly});
+        auto session = std::make_shared<UserSession>(
+            UserSession{uniqueId, sessionToken, std::string(username),
+                        csrfToken, std::string(clientId), std::string(clientIp),
+                        std::chrono::steady_clock::now(), persistence, false,
+                        isConfigureSelfOnly});
         auto it = authTokens.emplace(std::make_pair(sessionToken, session));
         // Only need to write to disk if session isn't about to be destroyed.
         needWrite = persistence == PersistenceType::TIMEOUT;
@@ -428,17 +436,16 @@ struct adl_serializer<std::shared_ptr<crow::persistent_data::UserSession>>
             crow::persistent_data::PersistenceType::SINGLE_REQUEST)
         {
 #ifdef BMCWEB_ENABLE_IBM_MANAGEMENT_CONSOLE
-            j = nlohmann::json{{"unique_id", p->uniqueId},
-                               {"session_token", p->sessionToken},
-                               {"username", p->username},
-                               {"csrf_token", p->csrfToken},
-                               { "client_id",
-                                 p->clientId }};
+            j = nlohmann::json{
+                {"unique_id", p->uniqueId}, {"session_token", p->sessionToken},
+                {"username", p->username},  {"csrf_token", p->csrfToken},
+                {"client_id", p->clientId}, { "client_ip", p->clientIp }};
 #else
             j = nlohmann::json{{"unique_id", p->uniqueId},
                                {"session_token", p->sessionToken},
                                {"username", p->username},
-                               {"csrf_token", p->csrfToken}};
+                               {"csrf_token", p->csrfToken},
+                               {"client_ip", p->clientIp}};
 #endif
         }
     }
author	Sunitha Harish <sunithaharish04@gmail.com>	2020-05-28 13:09:09 +0300
committer	Sunitha Harish <sunithaharish04@gmail.com>	2020-06-17 07:26:05 +0300
commit	92f682233ff0b8b20692e337632326cbd5a03676 (patch)
tree	dc700a9cfdc6a944581247e62df40dd8a5affa48 /include/sessions.hpp
parent	566329ee0f19fed19cca49aafe7a43799f6c0bba (diff)
download	bmcweb-92f682233ff0b8b20692e337632326cbd5a03676.tar.xz