Add createdTime field to SessionInformation

Closes: gh-17359
Signed-off-by: Andrey Litvitski <[email protected]>

Author: therepanic

core/src/main/java/org/springframework/security/core/session/SessionInformation.java

@@ -36,6 +36,7 @@
  * <code>Filter</code>.
  *
  * @author Ben Alex
+ * @author Andrey Litvitski
  */
 public class SessionInformation implements Serializable {
 
@@ -49,13 +50,17 @@ public class SessionInformation implements Serializable {
 
 	private boolean expired = false;
 
-	public SessionInformation(Object principal, String sessionId, Date lastRequest) {
+	private final Date createdTime;
+
+	public SessionInformation(Object principal, String sessionId, Date lastRequest, Date createdTime) {
 		Assert.notNull(principal, "Principal required");
 		Assert.hasText(sessionId, "SessionId required");
 		Assert.notNull(lastRequest, "LastRequest required");
+		Assert.notNull(lastRequest, "CreatedTime required");
 		this.principal = principal;
 		this.sessionId = sessionId;
 		this.lastRequest = lastRequest;
+		this.createdTime = createdTime;
 	}
 
 	public void expireNow() {
@@ -74,6 +79,10 @@ public String getSessionId() {
 		return this.sessionId;
 	}
 
+	public Date getCreatedTime() {
+		return this.createdTime;
+	}
+
 	public boolean isExpired() {
 		return this.expired;
 	}

core/src/main/java/org/springframework/security/core/session/SessionRegistryImpl.java

@@ -133,7 +133,9 @@ public void registerNewSession(String sessionId, Object principal) {
 		if (this.logger.isDebugEnabled()) {
 			this.logger.debug(LogMessage.format("Registering session %s, for principal %s", sessionId, principal));
 		}
-		this.sessionIds.put(sessionId, new SessionInformation(principal, sessionId, new Date()));
+		Date currentDate = new Date();
+		this.sessionIds.put(sessionId, new SessionInformation(principal, sessionId, new Date(currentDate.getTime()),
+				new Date(currentDate.getTime())));
 		this.principals.compute(principal, (key, sessionsUsedByPrincipal) -> {
 			if (sessionsUsedByPrincipal == null) {
 				sessionsUsedByPrincipal = new CopyOnWriteArraySet<>();

core/src/test/java/org/springframework/security/core/session/SessionInformationTests.java

@@ -26,6 +26,7 @@
  * Tests {@link SessionInformation}.
  *
  * @author Ben Alex
+ * @author Andrey Litvitski
  */
 public class SessionInformationTests {
 
@@ -34,10 +35,12 @@ public void testObject() throws Exception {
 		Object principal = "Some principal object";
 		String sessionId = "1234567890";
 		Date currentDate = new Date();
-		SessionInformation info = new SessionInformation(principal, sessionId, currentDate);
+		SessionInformation info = new SessionInformation(principal, sessionId, new Date(currentDate.getTime()),
+				new Date(currentDate.getTime()));
 		assertThat(info.getPrincipal()).isEqualTo(principal);
 		assertThat(info.getSessionId()).isEqualTo(sessionId);
 		assertThat(info.getLastRequest()).isEqualTo(currentDate);
+		assertThat(info.getCreatedTime()).isEqualTo(currentDate);
 		Thread.sleep(10);
 		info.refreshLastRequest();
 		assertThat(info.getLastRequest().after(currentDate)).isTrue();