Add session timeout

src/main/java/digital/slovensko/autogram/core/Autogram.java

@@ -14,6 +14,8 @@
 
 import java.io.File;
 import java.util.List;
+import java.util.Timer;
+import java.util.TimerTask;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.ScheduledExecutorService;
 import java.util.function.Consumer;
@@ -24,6 +26,7 @@ public class Autogram {
     /** Current batch, should be null if no batch was started yet */
     private Batch batch = null;
     private final PasswordManager passwordManager;
+    private Timer tokenSessionTimer = null;
 
     public Autogram(UI ui, UserSettings settings) {
         this.ui = ui;
@@ -93,6 +96,8 @@ public void startVisualization(SigningJob job) {
     private void signCommonAndThen(SigningJob job, SigningKey signingKey, Consumer<SigningJob> callback) {
         try {
             job.signWithKeyAndRespond(signingKey);
+            resetTokenSessionTimer();
+
             if (batch == null || batch.isEnded() || batch.isAllProcessed())
                 passwordManager.reset();
 
@@ -214,6 +219,7 @@ private void fetchKeysAndThen(TokenDriver driver, Consumer<SigningKey> callback)
         try {
             var token = driver.createToken(passwordManager, settings);
             var keys = token.getKeys();
+            resetTokenSessionTimer();
 
             ui.onUIThreadDo(
                     () -> ui.pickKeyAndThen(keys, driver, (privateKey) -> callback.accept(new SigningKey(token, privateKey))));
@@ -266,4 +272,27 @@ public TSPSource getTspSource() {
     public boolean isPlainXmlEnabled() {
         return settings.isPlainXmlEnabled();
     }
+
+    private void stopTokenSessionTimer() {
+        if (tokenSessionTimer == null)
+            return;
+
+        tokenSessionTimer.cancel();
+    }
+
+    private void startTokenSessionTimer() {
+        var timerTask = new TimerTask() {
+            @Override
+            public void run() {
+                ui.resetSigningKey();
+            }
+        };
+        tokenSessionTimer = new Timer();
+        tokenSessionTimer.schedule(timerTask, settings.getTokenSessionTimeout() * 60 * 1000);
+    }
+
+    private void resetTokenSessionTimer() {
+        stopTokenSessionTimer();
+        startTokenSessionTimer();
+    }
 }

src/main/java/digital/slovensko/autogram/core/UserSettings.java

@@ -33,6 +33,7 @@ public class UserSettings implements PasswordManagerSettings, SignatureTokenSett
     private String customTsaServer;
     private boolean bulkEnabled;
     private int pdfDpi;
+    private long tokenSessionTimeout;
 
     public static UserSettings load() {
         var prefs = Preferences.userNodeForPackage(UserSettings.class);
@@ -56,6 +57,7 @@ public static UserSettings load() {
         settings.setCustomTsaServer(prefs.get("CUSTOM_TSA_SERVER", ""));
         settings.setTsaEnabled(prefs.getBoolean("TSA_ENABLE", false));
         settings.setPdfDpi(prefs.getInt("PDF_DPI", 100));
+        settings.setTokenSessionTimeout(prefs.getLong("TOKEN_SESSION_TIMEOUT", 5));
 
         return settings;
     }
@@ -81,6 +83,7 @@ public void save() {
         prefs.put("CUSTOM_TSA_SERVER", customTsaServer);
         prefs.putBoolean("TSA_ENABLE", tsaEnabled);
         prefs.putInt("PDF_DPI", pdfDpi);
+        prefs.putLong("TOKEN_SESSION_TIMEOUT", tokenSessionTimeout);
     }
 
     private void setSignatureType(String signatureType) {
@@ -285,4 +288,15 @@ public int getPdfDpi() {
     public void setPdfDpi(int value) {
         pdfDpi = value;
     }
+
+    public long getTokenSessionTimeout() {
+        return tokenSessionTimeout;
+    }
+
+    public void setTokenSessionTimeout(long value) {
+        if (value <= 0)
+            return;
+
+        tokenSessionTimeout = value;
+    }
 }

src/main/java/digital/slovensko/autogram/ui/UI.java

@@ -60,4 +60,6 @@ public interface UI {
     char[] getContextSpecificPassword();
 
     public void updateBatch();
+
+    void resetSigningKey();
 }

src/main/java/digital/slovensko/autogram/ui/cli/CliUI.java

@@ -280,4 +280,9 @@ public char[] getContextSpecificPassword() {
     public void updateBatch() {
         // TODO: no usage for this in CLI UI
     }
+
+    @Override
+    public void resetSigningKey() {
+        activeKey = null;
+    }
 }

src/main/java/digital/slovensko/autogram/ui/gui/GUI.java

@@ -15,7 +15,6 @@
 import digital.slovensko.autogram.drivers.TokenDriver;
 import digital.slovensko.autogram.ui.BatchUiResult;
 import digital.slovensko.autogram.ui.UI;
-import eu.europa.esig.dss.enumerations.KeyUsageBit;
 import eu.europa.esig.dss.token.DSSPrivateKeyEntry;
 import javafx.application.HostServices;
 import javafx.application.Platform;
@@ -500,8 +499,12 @@ public void disableSigning() {
             batchController.disableSigning();
     }
 
+    @Override
     public void resetSigningKey() {
-        setActiveSigningKeyAndThen(null, null);
+        onUIThreadDo(()->{
+            setActiveSigningKeyAndThen(null, null);
+            refreshKeyOnAllJobs();
+        });
     }
 
     public void cancelJob(SigningJob job) {

src/main/java/digital/slovensko/autogram/ui/gui/SettingsDialogController.java

@@ -33,6 +33,8 @@ public class SettingsDialogController {
     @FXML
     private HBox plainXmlEnabledRadios;
     @FXML
+    private TextField tokenSessionTimeoutTextField;
+    @FXML
     private ChoiceBox<TokenDriver> driverChoiceBox;
     @FXML
     private VBox trustedCountriesList;
@@ -76,6 +78,7 @@ public void initialize() {
         initializeBulkEnabledCheckbox();
         initializeEn319132CheckBox();
         initializePlainXmlEnabledCheckBox();
+        initializeTokenSessionTimeoutTextField();
         initializeCorrectDocumentDisplayCheckBox();
         initializeSignatureValidationCheckBox();
         initializeCheckPDFAComplianceCheckBox();
@@ -297,6 +300,15 @@ private void initializeCustomKeystoreSettings() {
         });
     }
 
+    private void initializeTokenSessionTimeoutTextField() {
+        tokenSessionTimeoutTextField.setTextFormatter(new TextFormatter <> (change -> change.getControlNewText().matches("[0-9]*") ? change : null));
+        tokenSessionTimeoutTextField.setText(String.valueOf(userSettings.getTokenSessionTimeout()));
+        tokenSessionTimeoutTextField.setOnKeyTyped((e) -> {
+            if (!tokenSessionTimeoutTextField.getText().isEmpty())
+                userSettings.setTokenSessionTimeout(Long.parseLong(tokenSessionTimeoutTextField.getText()));
+        });
+    }
+
     public void onSaveButtonAction() {
         userSettings.save();
         var stage = (Stage) saveButton.getScene().getWindow();

src/main/resources/digital/slovensko/autogram/ui/gui/settings-dialog.fxml

@@ -150,19 +150,17 @@
                                     <VBox styleClass="left">
                                         <TextFlow>
                                             <Text styleClass="autogram-heading-s">
-                                                Použitie nového štandardu
+                                                Čas pre odpojenie podpisového certifikátu
                                             </Text>
                                         </TextFlow>
                                         <TextFlow>
                                             <Text styleClass="autogram-description">
-                                                Podpisovanie štandardom ETSI EN 319 132 a&#160;ETSI EN 319 122.
-                                                Pozor, systémy verejnej správy tento štandard väčšinou nepodporujú.
+                                                Po koľkých minútach nečinnosti bude podpisový certifikát odpojený.
                                             </Text>
                                         </TextFlow>
                                     </VBox>
-                                    <VBox styleClass="autogram-checkbox-container">
-                                        <HBox fx:id="en319132Radios"
-                                            styleClass="autogram-smaller-radio-buttons" />
+                                    <VBox styleClass="autogram-textfield-container">
+                                        <TextField fx:id="tokenSessionTimeoutTextField" styleClass="autogram-input" />
                                     </VBox>
                                 </HBox>
                                 <HBox styleClass="autogram-settings-row">
@@ -183,6 +181,25 @@
                                             styleClass="autogram-smaller-radio-buttons" />
                                     </VBox>
                                 </HBox>
+                                <HBox styleClass="autogram-settings-row">
+                                    <VBox styleClass="left">
+                                        <TextFlow>
+                                            <Text styleClass="autogram-heading-s">
+                                                Použitie nového štandardu
+                                            </Text>
+                                        </TextFlow>
+                                        <TextFlow>
+                                            <Text styleClass="autogram-description">
+                                                Podpisovanie štandardom ETSI EN 319 132 a&#160;ETSI EN 319 122.
+                                                Pozor, systémy verejnej správy tento štandard väčšinou nepodporujú.
+                                            </Text>
+                                        </TextFlow>
+                                    </VBox>
+                                    <VBox styleClass="autogram-checkbox-container">
+                                        <HBox fx:id="en319132Radios"
+                                            styleClass="autogram-smaller-radio-buttons" />
+                                    </VBox>
+                                </HBox>
                             </VBox>
                         </ScrollPane>
                     </content>

src/test/java/digital/slovensko/autogram/AutogramTests.java

@@ -309,6 +309,11 @@ public void onSignatureCheckCompleted(ValidationReports wrapper) {
         public void updateBatch() {
 
         }
+
+        @Override
+        public void resetSigningKey() {
+
+        }
     }
 
     private class TestSettings extends UserSettings {