Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Session Delete Improvements #135

Open
wants to merge 3 commits into
base: session-api-temp
Choose a base branch
from

Conversation

isurusamarasekara
Copy link

Purpose

Includes new features to the session management API along with wso2/carbon-identity-framework#3750.

Goals

Includes new features to the session management API:

  • Terminate active sessions that fulfil the criteria determined by the filter parameter value.

Approach

Service Specification

https://app.swaggerhub.com/apis/sessionapi/wso-2_identity_server_user_session_management_api_definition/v1

Sessions API

Extended /sessions endpoint with delete implementation
Operation available for privileged users. Delete active sessions on the system retrieved based on. a filtering criteria.
Based off of #132

User stories

As a System Admin user, I want to terminate user sessions based on a criteria.

Release note

Session Management API enhancement.

Documentation

Impacts on User's Session Management API Definition - v1

Training

Link to the PR for changes to the training content in https://github.com/wso2/WSO2-Training, if applicable

Certification

N/A

Marketing

N/A

Automation tests

  • Unit tests

    N/A

  • Integration tests

    N/A

Security checks

Samples

Sample Request

DELETE t/carbon.super/api/users/v1/sessions?filter=appName eq My Account
Host: localhost:9443
Authorization: Basic YWRtaW46YWRtaW4=

Related PRs

Migrations (if applicable)

N/A

Test environment

OS: macOS Big Sur
JDK version: OpenJDK 1.8.0_292
Databases: Embedded H2

Learning

N/A

@CLAassistant
Copy link

CLAassistant commented Sep 27, 2021

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
1 out of 2 committers have signed the CLA.

✅ isurusamarasekara
❌ Isuru Samarasekara


Isuru Samarasekara seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
You have signed the CLA already but the status is still pending? Let us recheck it.

@isurusamarasekara isurusamarasekara changed the base branch from master to session-api-temp September 27, 2021 06:20
Comment on lines 146 to 151
/**
* Validate whether the given filter is not empty and tenantDomain is valid.
*
* @param filter filter to be applied for session termination
* @param tenantDomain tenant domain of the requester
*/
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shall we fix the formatting errors here?

  • Param descriptions are not aligned.
  • Start sentences with uppercase letter and end with a .

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

corrected.

* @param filter filter to be applied for session termination
* @param tenantDomain tenant domain of the requester
*/
public static void validateFilter(String filter, String tenantDomain) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Extra space before the method name

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

corrected

Comment on lines 230 to 234
* @param filter the filter based on which the sessions to be terminated are selected (Mandatory)
* @param limit maximum number of sessions to be selected (Optional)
* @param since timestamp data value that points to the start of the range of data to be returned (Optional)
* @param until timestamp data value that points to the end of the range of data to be returned (Optional)
*/
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shall we fix formatting here as well?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

corrected

@@ -57,7 +57,10 @@ public enum ErrorMessage {
"The provided userId is invalid."),
ERROR_CODE_SERVER_ERROR(USER_MANAGEMENT_PREFIX.getPrefix() + "15001",
"Unable to retrieve User.",
"Server Encountered an error while retrieving the user.");
"Server Encountered an error while retrieving the user."),
INVALID_TENANT_DOMAIN(USER_MANAGEMENT_PREFIX.getPrefix() + "10002",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems like this is a server error. Shall we start the error code with 150xx instead of 100xx? We use 100xx for client errors.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

INVALID_TENANT_DOMAIN is a client error IMO... as the client could change the context tenantDomain to a non-existing one.

"Server Encountered an error while retrieving the user."),
INVALID_TENANT_DOMAIN(USER_MANAGEMENT_PREFIX.getPrefix() + "10002",
"Invalid tenant domain.",
"Server Encountered an error while retrieving tenantId for tenantDomain.");
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we add more context to this? Add the tenant domain at the end? WDYT?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

implemented

import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.*;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's not use * imports.

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a auto generated file. So this should be fine.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

corrected

@@ -36,8 +37,8 @@
import javax.ws.rs.core.Response;

import static org.wso2.carbon.identity.api.user.common.Constants.CORRELATION_ID_MDC;
import static org.wso2.carbon.identity.api.user.common.Constants.ErrorMessage.ERROR_CODE_INVALID_USERNAME;
import static org.wso2.carbon.identity.api.user.common.Constants.ErrorMessage.ERROR_CODE_SERVER_ERROR;
import static org.wso2.carbon.identity.api.user.common.Constants.ErrorMessage.*;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shalll we avoid * imports?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

corrected

@somindatommy
Copy link
Contributor

@isurusamarasekara can you address the comments?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants