Monday, July 24, 2017

REST - Interoperability (manage sessions on multiple channel) WCtoken and Web Identitytoken

Interoperability of Commerce Tokens between web and rest Channel at same time 

WebSphere commerce FEP8 onwards supports concurrent active session for user on web as well as on Rest channel as same time. However if you are on a lower version of Commerce below are the steps to make your application work seamlessly.

Step 1: If you are on a version lower than WCS 7, FEP 8;  you need to install an APAR JR45670.
Step 2: After installation of APAR you need to extend the Command SimultaneousLogonHelperCmdImpl and override functions as below:

    public boolean isReusingActivityTokenAllowed() {
        final String METHODNAME = "isReusingActivityTokenAllowed";
        LOGGER.logp(Level.INFO, CLASSNAME, METHODNAME, " Setting isReusingActivityTokenAllowed to TRUE ");
        return true;
    }
    public boolean shouldInvalidateLogons() {
        final String METHODNAME = "shouldInvalidateLogons";
        LOGGER.logp(Level.INFO, CLASSNAME, METHODNAME, " Setting shouldInvalidateLogons to FALSE ");
        return false;
    }

Step 3: Generate WCToken using code below:
        String userCookieName = "WC_USERACTIVITY_"+userId.toString();
        LOGGER.logp(Level.INFO, CLASSNAME, methodName,"UserId "+userId + " userCookieName "+userCookieName);
        String currentCookieValue = null;
        try    {
            Cookie [] cookieArray = getHttpRequest().getCookies();
            if(null!=cookieArray && cookieArray.length>0){
                for (int i=0;i                    if(cookieArray[i].getName().equalsIgnoreCase(userCookieName)){
                        currentCookieValue = cookieArray[i].getValue();
                        break;
                    }
                }
            }
            ActivityToken activityToken=null;
            String cookieValue=null;
            WCUserSession userSession = new WCCookieUserSession(currentCookieValue, CommerceTokenHelper.getSessionKey());
            activityToken = userSession.getConversationToken();
            activityToken.setTemporary(false);
            ActivityTokenProcessor.refreshSignature(activityToken);
      
            // generate the WCToken
            String merchantKey = CommerceTokenHelper.getSessionKey();
            WCCookieUserSession cookieUserSession = new WCCookieUserSession(null, null, merchantKey, null, null);
            cookieUserSession.setUserId(userId);
            cookieUserSession.setConversationToken(activityToken);            
            cookieValue = cookieUserSession.serialize();
          
            // retrieve the encrypted part
            String encryptedPart = cookieValue.substring(cookieValue.lastIndexOf(SessionConstants.COOKIE_SEPARATOR) + 1);
            StringBuffer cookieValueBuffer = new StringBuffer(userId.toString().length() + 1 + encryptedPart.length());
            // add the user ID part
            cookieValueBuffer.append(userId);
            cookieValueBuffer.append(SessionConstants.COOKIE_SEPARATOR);
            // add the encrypted part
            cookieValueBuffer.append(encryptedPart);
            wcToken = URLUTF8Encoder.encode(cookieValueBuffer.toString());  //This is the wcToken.
            LOGGER.logp(Level.INFO, CLASSNAME, methodName,"wcToken" +wcToken);

        }catch (Exception e) {
            throw new ECApplicationException(XXXXMessage._ERR_TOKENGENERATION_ERR, CLASSNAME, methodName, new Object[]{e});
        }

No comments: