JanssenProject / jans

An open source enterprise digital identity platform for CIAM or workforce... Janssen is a distribution of standards-based, developer friendly, components that are engineered to work together in any cloud. #OAuth #OpenID #FIDO
https://docs.jans.io
Apache License 2.0

feat(jans-auth-server): store previous session's acr/data to the new session's context #346

Open martynaslawinska opened 3 years ago

martynaslawinska commented 3 years ago

aliaksander-samuseu commented on May 21, 2019: Suggested in ticket 6911 by a partner; adding here per Yuriy's decision. Their original problem was that when an authz request comes which includes the "prompt=login" parameter, it's impossible to recover the previous session's context from a custom auth script, as the previous session is destroyed before it's executed, and thus it's impossible to learn which acr was associated with that previous session.

Quoting their suggestion:

Would there be a way to retain/upgrade the existing session for an upgrade, such as via parameter in the "init" function of the script or is the session destroyed before that? Would there be a possibility to retain previous session info as previous (not current) session somewhere in the new session authentication processing to make it available once you get to the custom script? The intention is to have a "second factor upgrade/validation" mechanism, which would be very helpful.

ossdhaval commented 2 years ago

Tagging @aliaksander-samuseu as the original author

ossdhaval commented 10 months ago

@yuriyz

This is an old issue. Can I request you to see if this is still relevant and add priority and effort labels if you can?

yuriyz commented 10 months ago

I guess we should take it further and introduce a dedicated JSON attribute to the session to store all previous parameters. It's not the first time I've seen this problem. We are working around it, but we can do better.
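A hypothetical in-memory model of the session lifecycle discussed in this issue (the prompt=login case from the original report and the dedicated previous-session attribute proposed above), added here as an illustration; it is not Janssen's code or API. The Session and SessionStore classes, the acr names and levels, and the remaining_steps step-up check are all assumptions.

```python
import copy
import secrets
from dataclasses import dataclass, field

# Constructed acr-to-level map; real acr names and levels come from server config.
ACR_LEVEL = {"basic": 10, "otp": 20}

@dataclass
class Session:
    sid: str
    acr: str
    attributes: dict = field(default_factory=dict)

class SessionStore:
    """Hypothetical in-memory model of the server-side session lifecycle."""
    def __init__(self):
        self.sessions = {}

    def create(self, acr, attributes=None, previous=None):
        s = Session(secrets.token_hex(8), acr, dict(attributes or {}))
        if previous is not None:
            # The dedicated attribute proposed in the issue: a snapshot of the
            # session that prompt=login destroyed, so a custom script can read it.
            s.attributes["previous_session"] = {
                "sid": previous.sid,
                "acr": previous.acr,
                "attributes": copy.deepcopy(previous.attributes),
            }
        self.sessions[s.sid] = s
        return s

    def authorize(self, sid, acr, prompt=None):
        """Handle an authz request that arrives with an existing session id."""
        current = self.sessions.get(sid)
        if current is not None and prompt == "login":
            # prompt=login destroys the existing session before any script runs;
            # without the snapshot its acr would be unrecoverable from here on.
            del self.sessions[sid]
            return self.create(acr, previous=current)
        return current if current is not None else self.create(acr)

def remaining_steps(session, requested_acr):
    """What a step-up script can decide once the previous acr is visible."""
    prev = session.attributes.get("previous_session")
    prev_level = ACR_LEVEL.get(prev["acr"], 0) if prev else 0
    if prev_level >= ACR_LEVEL[requested_acr]:
        return []           # previous session already met the requested acr
    if prev_level >= ACR_LEVEL["basic"]:
        return ["otp"]      # first factor already proven; only the upgrade remains
    return ["password", "otp"] if requested_acr == "otp" else ["password"]
```

Without the snapshot, the script running for the new session sees no previous acr at all and has to treat every prompt=login request as a fresh login.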