diff options
author | Sunitha Harish <sunithaharish04@gmail.com> | 2020-05-28 13:09:09 +0300 |
---|---|---|
committer | Sunitha Harish <sunithaharish04@gmail.com> | 2020-06-17 07:26:05 +0300 |
commit | 92f682233ff0b8b20692e337632326cbd5a03676 (patch) | |
tree | dc700a9cfdc6a944581247e62df40dd8a5affa48 /redfish-core/lib/redfish_sessions.hpp | |
parent | 566329ee0f19fed19cca49aafe7a43799f6c0bba (diff) | |
download | bmcweb-92f682233ff0b8b20692e337632326cbd5a03676.tar.xz |
Fetch the ClientIP during session creation
This commit saves the IP Address of the client from where the session
was created.
- This is not a user supplied value. The BMC will internally pull the
IP address from the incoming create-session request.
- It should also be noted that ClientIP will not change if the same session
token is used from some other IP address for further management of the BMC.
Tested by:
1. Create session
2. Display the Session details with GET command to check the IP from where
the session is created/updated.
GET https://${bmc}/redfish/v1/SessionService/Sessions/<id>
{
"@odata.id": "/redfish/v1/SessionService/Sessions/<id>",
"@odata.type": "#Session.v1_0_2.Session",
"Description": "Manager User Session",
"Id": "<id>",
"Name": "User Session",
"Oem": {
"OpenBMC": {
"@odata.type": "#OemSession.v1_0_0.Session",
"ClientOriginIP": "<ip address>"
}
},
"UserName": "root"
}
3. Redfish validator is run successfully.
Signed-off-by: Sunitha Harish <sunithaharish04@gmail.com>
Change-Id: I0076f260f50a991600ec060c72f3e46fb9a9cbb8
Diffstat (limited to 'redfish-core/lib/redfish_sessions.hpp')
-rw-r--r-- | redfish-core/lib/redfish_sessions.hpp | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/redfish-core/lib/redfish_sessions.hpp b/redfish-core/lib/redfish_sessions.hpp index 4dbb64daba..1ec2303abe 100644 --- a/redfish-core/lib/redfish_sessions.hpp +++ b/redfish-core/lib/redfish_sessions.hpp @@ -63,11 +63,12 @@ class Sessions : public Node res.jsonValue["@odata.type"] = "#Session.v1_0_2.Session"; res.jsonValue["Name"] = "User Session"; res.jsonValue["Description"] = "Manager User Session"; -#ifdef BMCWEB_ENABLE_IBM_MANAGEMENT_CONSOLE res.jsonValue["Oem"]["OpenBMC"]["@odata.type"] = "#OemSession.v1_0_0.Session"; +#ifdef BMCWEB_ENABLE_IBM_MANAGEMENT_CONSOLE res.jsonValue["Oem"]["OpenBMC"]["ClientID"] = session->clientId; #endif + res.jsonValue["Oem"]["OpenBMC"]["ClientOriginIP"] = session->clientIp; res.end(); } @@ -123,8 +124,8 @@ class Sessions : public Node /** * This allows SessionCollection to reuse this class' doGet method, to * maintain consistency of returned data, as Collection's doPost should - * return data for created member which should match member's doGet result - * in 100% + * return data for created member which should match member's doGet + * result in 100% */ friend SessionCollection; }; @@ -174,6 +175,7 @@ class SessionCollection : public Node std::string password; std::optional<nlohmann::json> oemObject; std::string clientId; + std::string clientIp; if (!json_util::readJson(req, res, "UserName", username, "Password", password, "Oem", oemObject)) { @@ -225,12 +227,15 @@ class SessionCollection : public Node } } #endif + clientIp = + req.socket().next_layer().remote_endpoint().address().to_string(); + // User is authenticated - create session std::shared_ptr<crow::persistent_data::UserSession> session = crow::persistent_data::SessionStore::getInstance() .generateUserSession( username, crow::persistent_data::PersistenceType::TIMEOUT, - isConfigureSelfOnly, clientId); + isConfigureSelfOnly, clientId, clientIp); res.addHeader("X-Auth-Token", session->sessionToken); res.addHeader("Location", "/redfish/v1/SessionService/Sessions/" + session->uniqueId); |