Redfish Session : Fix clientIp getting mapped to clientId

When the session is created using /login, the ClientOriginIPAddress
is mapped to the clientId parameter which displayed the clientIP
instead of the of clientId.
The similar problem is observed with auth methods other than sessions
created using the SessionService resource

This commit swaps the clientId and clientIp parameters passed to
generateUserSession API, so that the optional clientId is
passed as the last parameter

Tested by :
  1. Create session using Redfish command
     POST https://${bmc}/login -d '{"username": <>,"password": <>}'
     POST https://${bmc}/redfish/v1/SessionService/Sessions
        -d '{"username": <>,"password": <>}'
  2. Open the GUI session to check the clientId is not displaying the
  ClientOriginIPAddress

Signed-off-by: Sunitha Harish <sunithaharish04@gmail.com>
Change-Id: I6cee3de963c489e690d2ad0bb09ba78dca39e4f9

1 files changed, 3 insertions, 3 deletions

diff --git a/include/sessions.hpp b/include/sessions.hpp
index 85d8ecc635..a448b24c0f 100644
--- a/include/sessions.hpp
+++ b/include/sessions.hpp
@@ -210,10 +210,10 @@ class SessionStore
 {
   public:
     std::shared_ptr<UserSession> generateUserSession(
-        const std::string_view username,
+        const std::string_view username, const std::string_view clientIp,
+        const std::string_view clientId,
         PersistenceType persistence = PersistenceType::TIMEOUT,
-        bool isConfigureSelfOnly = false, const std::string_view clientId = "",
-        const std::string_view clientIp = "")
+        bool isConfigureSelfOnly = false)
     {
         // TODO(ed) find a secure way to not generate session identifiers if
         // persistence is set to SINGLE_REQUEST