readId() fails, when timeStamp is appended to JSession (#11)

* readId() fails, when timeStamp is appended to JSession. 

* Timestamp parsing in clean() should be done based on appendTimestamp flag.

Author: sd1248

session-replacement/src/main/java/com/amadeus/session/servlet/BaseSessionTracking.java

@@ -21,6 +21,8 @@ public abstract class BaseSessionTracking implements SessionTracking {
 
   private boolean appendTimestamp;
 
+  protected static final char SESSION_ID_TIMESTAMP_SEPARATOR = '!';
+
   @Override
   public void configure(SessionConfiguration configuration) {
     // Read standard configuration
@@ -42,8 +44,8 @@ public void configure(SessionConfiguration configuration) {
   public String newId() {
     String newId = idProvider.newId();
     if (appendTimestamp) {
-      StringBuilder suffixedId = new StringBuilder(newId.length() + 11).append(newId);
-      newId = suffixedId.append('!').append(System.currentTimeMillis()).toString();
+        StringBuilder suffixedId = new StringBuilder(newId.length() + 11).append(newId);
+        newId = suffixedId.append(SESSION_ID_TIMESTAMP_SEPARATOR).append(System.currentTimeMillis()).toString();
     }
     return newId;
   }
@@ -62,7 +64,18 @@ public String encodeUrl(RequestWithSession request, String url) {
    * @return extracted id or <code>null</code>
    */
   protected String clean(String value) {
-    return idProvider.readId(value);
+    if (!appendTimestamp) {
+      return idProvider.readId(value);
+    }
+    String timeStamp = "";
+    String cleanValue = value;
+    int separatorIndex = value.lastIndexOf(SESSION_ID_TIMESTAMP_SEPARATOR);
+    if (separatorIndex != -1) {
+        timeStamp = value.substring(separatorIndex);
+        cleanValue = value.substring(0, separatorIndex);
+    }
+    cleanValue = idProvider.readId(cleanValue);
+    return cleanValue != null ? cleanValue + timeStamp : cleanValue;
   }
 
 }

session-replacement/src/test/java/com/amadeus/session/servlet/TestCookieSessionTracking.java

@@ -70,6 +70,25 @@ public void testRetrieveId() {
         new Cookie("somesession", uuid.toString())
         });
     assertEquals(uuid.toString(), cookieSessionTracking.retrieveId(request));
+
+    String sessionIdWithTimestamp = uuid.toString() + BaseSessionTracking.SESSION_ID_TIMESTAMP_SEPARATOR + System.currentTimeMillis();
+    String invalidSessionIdWithTimestamp = uuid.toString() + "-abcdefgh" + BaseSessionTracking.SESSION_ID_TIMESTAMP_SEPARATOR + System.currentTimeMillis();
+    String sessionIdWithoutTimestamp = uuid.toString();
+
+    when(hsr.getCookies()).thenReturn(new Cookie[] { new Cookie("somesession", sessionIdWithTimestamp)});
+    assertNull(cookieSessionTracking.retrieveId(request));
+    when(hsr.getCookies()).thenReturn(new Cookie[] { new Cookie("somesession", sessionIdWithoutTimestamp)});
+    assertEquals(sessionIdWithoutTimestamp, cookieSessionTracking.retrieveId(request));
+
+    sc.setTimestampSufix(true);
+    cookieSessionTracking.configure(sc);
+
+    when(hsr.getCookies()).thenReturn(new Cookie[] { new Cookie("somesession", sessionIdWithTimestamp)});
+    assertEquals(sessionIdWithTimestamp, cookieSessionTracking.retrieveId(request));
+    when(hsr.getCookies()).thenReturn(new Cookie[] { new Cookie("somesession", sessionIdWithoutTimestamp)});
+    assertEquals(sessionIdWithoutTimestamp, cookieSessionTracking.retrieveId(request));
+    when(hsr.getCookies()).thenReturn(new Cookie[] { new Cookie("somesession", invalidSessionIdWithTimestamp)});
+    assertNull(cookieSessionTracking.retrieveId(request));
   }
 
   @Test

session-replacement/src/test/java/com/amadeus/session/servlet/TestUrlSessionTracking.java

@@ -62,6 +62,32 @@ public void testRetrieveId() {
     when(hsr.getRequestURI()).thenReturn("/url;somesession="+uuid);
     String id = urlSessionTracking.retrieveId(request);
     assertEquals(uuid.toString(), id);
+
+    String sessionIdWithTimestamp = uuid.toString() + BaseSessionTracking.SESSION_ID_TIMESTAMP_SEPARATOR + System.currentTimeMillis();
+    String invalidSessionIdWithTimestamp = uuid.toString() + "-abcdefgh" + BaseSessionTracking.SESSION_ID_TIMESTAMP_SEPARATOR + System.currentTimeMillis();
+    String sessionIdWithoutTimestamp = uuid.toString();
+
+    when(hsr.getPathInfo()).thenReturn(";somesession="+sessionIdWithTimestamp);
+    when(hsr.getRequestURI()).thenReturn("/url;somesession="+sessionIdWithTimestamp);
+    assertNull(urlSessionTracking.retrieveId(request));
+    when(hsr.getPathInfo()).thenReturn(";somesession="+sessionIdWithoutTimestamp);
+    when(hsr.getRequestURI()).thenReturn("/url;somesession="+sessionIdWithoutTimestamp);
+    assertEquals(sessionIdWithoutTimestamp, urlSessionTracking.retrieveId(request));
+    when(hsr.getPathInfo()).thenReturn(";somesession="+invalidSessionIdWithTimestamp);
+    when(hsr.getRequestURI()).thenReturn("/url;somesession="+invalidSessionIdWithTimestamp);
+    assertNull(urlSessionTracking.retrieveId(request));
+
+    sc.setTimestampSufix(true);
+    urlSessionTracking.configure(sc);
+    when(hsr.getPathInfo()).thenReturn(";somesession="+sessionIdWithTimestamp);
+    when(hsr.getRequestURI()).thenReturn("/url;somesession="+sessionIdWithTimestamp);
+    assertEquals(sessionIdWithTimestamp, urlSessionTracking.retrieveId(request));
+    when(hsr.getPathInfo()).thenReturn(";somesession="+sessionIdWithoutTimestamp);
+    when(hsr.getRequestURI()).thenReturn("/url;somesession="+sessionIdWithoutTimestamp);
+    assertEquals(sessionIdWithoutTimestamp, urlSessionTracking.retrieveId(request));
+    when(hsr.getPathInfo()).thenReturn(";somesession="+invalidSessionIdWithTimestamp);
+    when(hsr.getRequestURI()).thenReturn("/url;somesession="+invalidSessionIdWithTimestamp);
+    assertNull(urlSessionTracking.retrieveId(request));
   }
 
   @Test