fix: [CO-440] properly de-register Account AuthToken in EndSession API #119
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
keshavbhatt
requested review from
aheeva-yuliya,
flanciotti,
frisonisland and
Polpetta
- properly remove account AuthToken to invalidate the session cookie in Soap EndSession
keshavbhatt
force-pushed
the
fix/co-440-fix-endsession
branch
from
d21c91d to
a08244a
Compare
frisonisland
requested changes
Nov 18, 2022
frisonisland
approved these changes
Nov 18, 2022
aheeva-yuliya
approved these changes
Nov 18, 2022
frisonisland
added a commit
that referenced
this pull request
Dec 15, 2022
* chore: add release-it (#121) * chore: add release-it and update README.md * chore: add CHANGELOG.md * chore(Jenkinsfile): release-it integration * chore(Jenkinsfile): add devel repository (#122) * fix:[CO-440] properly de-register authToken (#119) - properly remove account AuthToken to invalidate the session cookie in Soap EndSession * fix: zimbraReverseProxyDnsLookupInServerEnabled false (#118) * fix: zimbraReverseProxyDnsLookupInServerEnabled false * chore(pre-commit): exclude attrs.xml from lint *chore(attrs.xml): re-apply changes * chore(attrs.xml): improve zimbraReverseProxyDnsLookupInServerEnabled description * fix:[CO-457] delete orphaned cert-key pair from domain SSL dir (#126) * fix: delete orphaned certificate key pair from domain cert dir * chore: remove temp null checks * chore: show in logs if obsolete cert key file is not deletable * fix(generate-rights): use custom localconfig (#129) * feat: [CO-459] add new white-label management attributes (#128) * feat: add primary color attributes for domain entries * chore: add attribute for Web Ui banner text * feat: run generate-getters in store * feat: run generate-rights in store * feat(attrs.xml): zimbraClamAVDatabaseMirror multiAttr (#130) * feat(attrs.xml): zimbraClamAVDatabaseMirror multiAttr * chore: change default clamAV db + description * chore: generate-getters * refactor: maven build (#131) * refactor: move java -> main/java, java-test -> test/java * refactor: import pom changes from feature/maven-build branch * chore: adapt Jenkinsfile * refactor: remove ant and ivy build files * chore: store + store-conf maven * chore: minor changes * chore(zm-native): native dir in main/native * refactor: move soap-docs classes in soap module * refactor: store db/hsqldb -> main/db/hsqldb * refactor: com.zimbra.qa -> test/java/qa * refactor: AccountTestUtil moved from qa to src/main/com.zimbra.cs.service.admin * refactor: store db/hsqldb -> main/db/hsqldb * chore: DbTag non-final * refactor: DbTag verify methods to DbTagTestUtil (extends DbTag) * refactor: TagTest, AuthTest, TestTnefTimezone, RunUnitTests to test classes * refactor: move test resources location * refactor: MailboxTestUtil resources location * refactor: HSQLDB resources location * refactor: fix hsqldb resources location * fix: test resources location ref * fix: test resources crlf * fix: MimeTest carriage return * fix: MimeTest * fix: ignore MimeTest migration info * chore: MimeTest bug95114 files content * chore: MimeTest bug95114 files content (2) * chore: MimeTest CRLF * chore: snapshot on chore/maven-build * chore: 23.1.0-SNAPSHOT * chore: distribution management release repository * feat: [CO-467] add carbonioCalAVDatabaseCustomURL global multi-attr (#132) * feat:[CO-475] add carbonio features attributes (#133) * feat: add attribute definitions * chore: generate java code and rights definition Co-authored-by: Keshav Bhatt <keshavnrj@gmail.com> Co-authored-by: Keshav Bhatt <keshavbhatt@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What has changed:
The deRegister method of ZimbraAuthToken class has been modified to parse the server_version as empty string if it is null (server_version is always null since we dont set server's server_version property in Carbonio for some reasons).
This string along with other components form a unique dynamic identifier which is used to remove values from account entries in this case for zimbraAuthTokens which is ephermal attribute in nature.
Now, in EndSessionReuqest if logOff attribute is set to true it will properly invalidate the cookie on SOAP servelet and properly delete the AuthToken for the account in directory-server.
Other changes
In addition the handle method of EndSession service was refactored and a portion of the method was extracted to new clearAllSessions method which allows clealall sessions if all="true" is passed in API call.
Tests:
Set of e2e tests were utilized to validate & confirm the above behavior.