#201 Recover interactive IShSession when created over browser or clie…
…nt/secret for ..WithOpenIdConnect protocols by explicitly setting tokens to null first
ddemeyer committed Sep 30, 2024
1 parent eb4649e commit f2ac210
Showing 3 changed files with 40 additions and 34 deletions.
6 changes: 4 additions & 2 deletions Doc/ReleaseNotes-ISHRemote-8.2.md
Expand Up @@ -16,9 +16,11 @@ This release inherits the v0.1 to v0.14 up to v8.1 development branch and featur
The below text describes the delta compared to fielded release ISHRemote v8.1.


## Boosting ...
## Actively recover interactive sessions

...
Every usage of a cmdlet will refresh the security tokens. However, when not using ISHRemote cmdlets or the implicit `$ISHRemoteSessionStateIshSession` or explicit `$ishSession` object, the session expires by default after around 57 minutes when using ISHID or similar on other identity providers. In turn resulting in error `An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail.`.

In this ISHRemote version, the session will attempt to get a new token automatically on every triggererd ISHRemote cmdlet. If you created the IShSession object over an interactive browser, you will see the browser again perhaps with or without a credential challenge in the browser. Change is only for protocols `WcfSoapWithOpenIdConnect` and `OpenApiWithOpenIdConnect`; no change for `WcfSoapWithWsTrust`.


## Extending ...
Expand Up @@ -178,7 +178,7 @@ protected string GetAccessToken()
}

// Refresh the token before it expires
if (DateTime.Now.Add(RefreshBeforeExpiration) > _connectionParameters.Tokens.AccessTokenExpiration)
if (IsTokenAlmostExpired)
{
// Refresh the token
_logger.WriteVerbose($"InfoShareOpenIdConnectConnectionBase Access Token almost expired (" +
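Review bot: `IsTokenAlmostExpired` should treat a missing token set as expired, because this commit also makes `IshSession.VerifyConnectionValidity` assign `Tokens = null` and then call the property on the connection object. The property body is not shown here; the expression it replaces in `GetAccessToken` dereferences `_connectionParameters.Tokens`, so if the property keeps that form and re-authentication fails or is cancelled, a later call would presumably throw a NullReferenceException rather than a clear authentication error. A guard such as `_connectionParameters.Tokens == null || DateTime.Now.Add(RefreshBeforeExpiration) > _connectionParameters.Tokens.AccessTokenExpiration` would cover it. `GetAccessToken` starts and ends outside the hunk.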
66 changes: 35 additions & 31 deletions Source/ISHRemote/Trisoft.ISHRemote/Objects/Public/IshSession.cs
Expand Up @@ -638,7 +638,7 @@ public Annotation25ServiceReference.Annotation Annotation25
break;
case Enumerations.Protocol.WcfSoapWithOpenIdConnect:
case Enumerations.Protocol.OpenApiWithOpenIdConnect:
if ((_annotation25 == null) || (_infoShareWcfSoapWithOpenIdConnectConnection.IsTokenAlmostExpired))
if (_annotation25 == null)
_annotation25 = _infoShareWcfSoapWithOpenIdConnectConnection.GetAnnotation25Channel();
break;
default:
Expand All @@ -661,7 +661,7 @@ public Application25ServiceReference.Application Application25
break;
case Enumerations.Protocol.WcfSoapWithOpenIdConnect:
case Enumerations.Protocol.OpenApiWithOpenIdConnect:
if ((_application25 == null) || (_infoShareWcfSoapWithOpenIdConnectConnection.IsTokenAlmostExpired))
if (_application25 == null)
_application25 = _infoShareWcfSoapWithOpenIdConnectConnection.GetApplication25Channel();
break;
default:
Expand All @@ -685,7 +685,7 @@ public User25ServiceReference.User User25
break;
case Enumerations.Protocol.WcfSoapWithOpenIdConnect:
case Enumerations.Protocol.OpenApiWithOpenIdConnect:
if ((_user25 == null) || (_infoShareWcfSoapWithOpenIdConnectConnection.IsTokenAlmostExpired))
if (_user25 == null)
_user25 = _infoShareWcfSoapWithOpenIdConnectConnection.GetUser25Channel();
break;
default:
Expand All @@ -708,7 +708,7 @@ public UserRole25ServiceReference.UserRole UserRole25
break;
case Enumerations.Protocol.WcfSoapWithOpenIdConnect:
case Enumerations.Protocol.OpenApiWithOpenIdConnect:
if ((_userRole25 == null) || (_infoShareWcfSoapWithOpenIdConnectConnection.IsTokenAlmostExpired))
if (_userRole25 == null)
_userRole25 = _infoShareWcfSoapWithOpenIdConnectConnection.GetUserRole25Channel();
break;
default:
Expand All @@ -731,7 +731,7 @@ public UserGroup25ServiceReference.UserGroup UserGroup25
break;
case Enumerations.Protocol.WcfSoapWithOpenIdConnect:
case Enumerations.Protocol.OpenApiWithOpenIdConnect:
if ((_userGroup25 == null) || (_infoShareWcfSoapWithOpenIdConnectConnection.IsTokenAlmostExpired))
if (_userGroup25 == null)
_userGroup25 = _infoShareWcfSoapWithOpenIdConnectConnection.GetUserGroup25Channel();
break;
default:
Expand All @@ -754,7 +754,7 @@ public DocumentObj25ServiceReference.DocumentObj DocumentObj25
break;
case Enumerations.Protocol.WcfSoapWithOpenIdConnect:
case Enumerations.Protocol.OpenApiWithOpenIdConnect:
if ((_documentObj25 == null) || (_infoShareWcfSoapWithOpenIdConnectConnection.IsTokenAlmostExpired))
if (_documentObj25 == null)
_documentObj25 = _infoShareWcfSoapWithOpenIdConnectConnection.GetDocumentObj25Channel();
break;
default:
Expand All @@ -777,7 +777,7 @@ public PublicationOutput25ServiceReference.PublicationOutput PublicationOutput25
break;
case Enumerations.Protocol.WcfSoapWithOpenIdConnect:
case Enumerations.Protocol.OpenApiWithOpenIdConnect:
if ((_publicationOutput25 == null) || (_infoShareWcfSoapWithOpenIdConnectConnection.IsTokenAlmostExpired))
if (_publicationOutput25 == null)
_publicationOutput25 = _infoShareWcfSoapWithOpenIdConnectConnection.GetPublicationOutput25Channel();
break;
default:
Expand All @@ -800,7 +800,7 @@ public Settings25ServiceReference.Settings Settings25
break;
case Enumerations.Protocol.WcfSoapWithOpenIdConnect:
case Enumerations.Protocol.OpenApiWithOpenIdConnect:
if ((_settings25 == null) || (_infoShareWcfSoapWithOpenIdConnectConnection.IsTokenAlmostExpired))
if (_settings25 == null)
_settings25 = _infoShareWcfSoapWithOpenIdConnectConnection.GetSettings25Channel();
break;
default:
Expand All @@ -823,7 +823,7 @@ public EventMonitor25ServiceReference.EventMonitor EventMonitor25
break;
case Enumerations.Protocol.WcfSoapWithOpenIdConnect:
case Enumerations.Protocol.OpenApiWithOpenIdConnect:
if ((_eventMonitor25 == null) || (_infoShareWcfSoapWithOpenIdConnectConnection.IsTokenAlmostExpired))
if (_eventMonitor25 == null)
_eventMonitor25 = _infoShareWcfSoapWithOpenIdConnectConnection.GetEventMonitor25Channel();
break;
default:
Expand All @@ -846,7 +846,7 @@ public Baseline25ServiceReference.Baseline Baseline25
break;
case Enumerations.Protocol.WcfSoapWithOpenIdConnect:
case Enumerations.Protocol.OpenApiWithOpenIdConnect:
if ((_baseline25 == null) || (_infoShareWcfSoapWithOpenIdConnectConnection.IsTokenAlmostExpired))
if (_baseline25 == null)
_baseline25 = _infoShareWcfSoapWithOpenIdConnectConnection.GetBaseline25Channel();
break;
default:
Expand All @@ -869,7 +869,7 @@ public MetadataBinding25ServiceReference.MetadataBinding MetadataBinding25
break;
case Enumerations.Protocol.WcfSoapWithOpenIdConnect:
case Enumerations.Protocol.OpenApiWithOpenIdConnect:
if ((_metadataBinding25 == null) || (_infoShareWcfSoapWithOpenIdConnectConnection.IsTokenAlmostExpired))
if (_metadataBinding25 == null)
_metadataBinding25 = _infoShareWcfSoapWithOpenIdConnectConnection.GetMetadataBinding25Channel();
break;
default:
Expand All @@ -887,12 +887,12 @@ public Folder25ServiceReference.Folder Folder25
switch (_protocol)
{
case Enumerations.Protocol.WcfSoapWithWsTrust:
if ((_folder25 == null) || (_infoShareWcfSoapWithWsTrustConnection.IsTokenAlmostExpired))
if (_folder25 == null)
_folder25 = _infoShareWcfSoapWithWsTrustConnection.GetFolder25Channel();
break;
case Enumerations.Protocol.WcfSoapWithOpenIdConnect:
case Enumerations.Protocol.OpenApiWithOpenIdConnect:
if ((_folder25 == null) || (_infoShareWcfSoapWithOpenIdConnectConnection.IsTokenAlmostExpired))
if (_folder25 == null)
_folder25 = _infoShareWcfSoapWithOpenIdConnectConnection.GetFolder25Channel();
break;
default:
Expand All @@ -915,7 +915,7 @@ public ListOfValues25ServiceReference.ListOfValues ListOfValues25
break;
case Enumerations.Protocol.WcfSoapWithOpenIdConnect:
case Enumerations.Protocol.OpenApiWithOpenIdConnect:
if ((_listOfValues25 == null) || (_infoShareWcfSoapWithOpenIdConnectConnection.IsTokenAlmostExpired))
if (_listOfValues25 == null)
_listOfValues25 = _infoShareWcfSoapWithOpenIdConnectConnection.GetListOfValues25Channel();
break;
default:
Expand All @@ -938,7 +938,7 @@ public OutputFormat25ServiceReference.OutputFormat OutputFormat25
break;
case Enumerations.Protocol.WcfSoapWithOpenIdConnect:
case Enumerations.Protocol.OpenApiWithOpenIdConnect:
if ((_outputFormat25 == null) || (_infoShareWcfSoapWithOpenIdConnectConnection.IsTokenAlmostExpired))
if (_outputFormat25 == null)
_outputFormat25 = _infoShareWcfSoapWithOpenIdConnectConnection.GetOutputFormat25Channel();
break;
default:
Expand All @@ -961,7 +961,7 @@ public EDT25ServiceReference.EDT EDT25
break;
case Enumerations.Protocol.WcfSoapWithOpenIdConnect:
case Enumerations.Protocol.OpenApiWithOpenIdConnect:
if ((_EDT25 == null) || (_infoShareWcfSoapWithOpenIdConnectConnection.IsTokenAlmostExpired))
if (_EDT25 == null)
_EDT25 = _infoShareWcfSoapWithOpenIdConnectConnection.GetEDT25Channel();
break;
default:
Expand All @@ -984,7 +984,7 @@ public TranslationJob25ServiceReference.TranslationJob TranslationJob25
break;
case Enumerations.Protocol.WcfSoapWithOpenIdConnect:
case Enumerations.Protocol.OpenApiWithOpenIdConnect:
if ((_translationJob25 == null) || (_infoShareWcfSoapWithOpenIdConnectConnection.IsTokenAlmostExpired))
if (_translationJob25 == null)
_translationJob25 = _infoShareWcfSoapWithOpenIdConnectConnection.GetTranslationJob25Channel();
break;
default:
Expand All @@ -1007,7 +1007,7 @@ public TranslationTemplate25ServiceReference.TranslationTemplate TranslationTemp
break;
case Enumerations.Protocol.WcfSoapWithOpenIdConnect:
case Enumerations.Protocol.OpenApiWithOpenIdConnect:
if ((_translationTemplate25 == null) || (_infoShareWcfSoapWithOpenIdConnectConnection.IsTokenAlmostExpired))
if (_translationTemplate25 == null)
_translationTemplate25 = _infoShareWcfSoapWithOpenIdConnectConnection.GetTranslationTemplate25Channel();
break;
default:
Expand All @@ -1030,7 +1030,7 @@ public Search25ServiceReference.Search Search25
break;
case Enumerations.Protocol.WcfSoapWithOpenIdConnect:
case Enumerations.Protocol.OpenApiWithOpenIdConnect:
if ((_search25 == null) || (_infoShareWcfSoapWithOpenIdConnectConnection.IsTokenAlmostExpired))
if (_search25 == null)
_search25 = _infoShareWcfSoapWithOpenIdConnectConnection.GetSearch25Channel();
break;
default:
Expand All @@ -1053,7 +1053,7 @@ public BackgroundTask25ServiceReference.BackgroundTask BackgroundTask25
break;
case Enumerations.Protocol.WcfSoapWithOpenIdConnect:
case Enumerations.Protocol.OpenApiWithOpenIdConnect:
if ((_backgroundTask25 == null) || (_infoShareWcfSoapWithOpenIdConnectConnection.IsTokenAlmostExpired))
if (_backgroundTask25 == null)
_backgroundTask25 = _infoShareWcfSoapWithOpenIdConnectConnection.GetBackgroundTask25Channel();
break;
default:
Expand All @@ -1070,7 +1070,7 @@ private void VerifyConnectionValidity()
switch (_protocol)
{
case Enumerations.Protocol.WcfSoapWithWsTrust:
if (_infoShareWcfSoapWithWsTrustConnection == null)
if ((_infoShareWcfSoapWithWsTrustConnection == null) || (_infoShareWcfSoapWithWsTrustConnection.IsTokenAlmostExpired))
{
// Not valid...
// ...dispose connection
Expand Down Expand Up @@ -1100,13 +1100,7 @@ private void VerifyConnectionValidity()
}
break;
case Enumerations.Protocol.WcfSoapWithOpenIdConnect:
if (_infoShareOpenApiWithOpenIdConnectConnection == null)
{
// ... discard OpenApiISH30Service
// ...and re-create connection
CreateOpenApiWithOpenIdConnectConnection();
}
if (_infoShareWcfSoapWithOpenIdConnectConnection == null)
if ((_infoShareWcfSoapWithOpenIdConnectConnection == null) || (_infoShareWcfSoapWithOpenIdConnectConnection.IsTokenAlmostExpired))
{
// Not valid...
// ...dispose connection
Expand All @@ -1131,18 +1125,20 @@ private void VerifyConnectionValidity()
_user25 = null;
_userGroup25 = null;
_userRole25 = null;
// force new tokens
_infoShareOpenIdConnectConnectionParameters.Tokens = null;
// ...and re-create connection
CreateInfoShareWcfSoapWithOpenIdConnectConnection();
}
break;
case Enumerations.Protocol.OpenApiWithOpenIdConnect:
if (_infoShareOpenApiWithOpenIdConnectConnection == null)
{
// ... discard OpenApiISH30Service
// ...and re-create connection
CreateOpenApiWithOpenIdConnectConnection();
}
if (_infoShareWcfSoapWithOpenIdConnectConnection == null)
break;
case Enumerations.Protocol.OpenApiWithOpenIdConnect:
if ((_infoShareWcfSoapWithOpenIdConnectConnection == null) || (_infoShareWcfSoapWithOpenIdConnectConnection.IsTokenAlmostExpired))
{
// Not valid...
// ...dispose connection
Expand All @@ -1167,9 +1163,17 @@ private void VerifyConnectionValidity()
_user25 = null;
_userGroup25 = null;
_userRole25 = null;
// force new tokens
_infoShareOpenIdConnectConnectionParameters.Tokens = null;
// ...and re-create connection
CreateInfoShareWcfSoapWithOpenIdConnectConnection();
}
if (_infoShareOpenApiWithOpenIdConnectConnection == null)
{
// ... discard OpenApiISH30Service
// ...and re-create connection
CreateOpenApiWithOpenIdConnectConnection();
}
break;
default:
throw new ArgumentException($"IshSession _protocol[{_protocol}] was unexpected.");
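Review bot: In `VerifyConnectionValidity`, both OpenID Connect cases re-create `_infoShareOpenApiWithOpenIdConnectConnection` only when it is null, so after an expiry-triggered recovery the OpenAPI connection appears to survive with whatever it derived from the discarded tokens. The visible lines reset the SOAP channels, set `_infoShareOpenIdConnectConnectionParameters.Tokens = null` and call `CreateInfoShareWcfSoapWithOpenIdConnectConnection()`; unless the collapsed lines already clear the OpenAPI field, add `_infoShareOpenApiWithOpenIdConnectConnection = null;` next to `// force new tokens` so the null check that follows rebuilds it. The two cases also look identical after this change and could share one body through case fall-through, as the channel getters do. A comment beside `Tokens = null` could state that it forces a fresh sign-in (the release notes mention the browser reappearing), which matters for unattended scripts. The method continues outside the visible hunks.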