private void createAndStoreSession(
final PublicKey publicKey, final String clientId, final USER user, final byte[] certificate) {
final Date expiresAt = getExpiryDateCalculator().calculateFor(user);
final PublicKeyWithMechanism publicKeyWithMechanism = new PublicKeyWithMechanism(publicKey);
final SESSION session = getSessionStore().createTransient();
session.setUserId(user.getUserId());
session.setExpiresAt(expiresAt);
session.setPublicKey(publicKeyWithMechanism.getValue());
session.setMechanism(publicKeyWithMechanism.getMechanism().getName());
session.setClientId(clientId);
session.setCertificate(certificate);
getSessionStore().save(session);
}
public byte[] createCertificateAndSession(
final ClientInformation clientInformation, final USER user) {
final PublicKeyWithMechanism publicKeyWithMechanism =
new PublicKeyWithMechanism(clientInformation.getPublicKey());
if (!_sessionCreationPolicy.mayCreateSession(
user.getUserId(), publicKeyWithMechanism.getValue())) {
throw new AlreadyLoggedInException(
"User with id " + user.getUserId() + " is already logged in for current client.");
}
try {
final byte[] certificate = createCertificate(user, clientInformation.getPublicKey());
createAndStoreSession(
clientInformation.getPublicKey(), clientInformation.getClientId(), user, certificate);
return certificate;
} catch (final IOException e) {
throw new CertificateCreationException(
"failed to create certificate for user with id " + user.getUserId(), e);
}
}