From aba94db0c890abb4df195ee8b2ba167515260bbf Mon Sep 17 00:00:00 2001 From: "michele.artini" Date: Wed, 2 Dec 2020 16:10:23 +0100 Subject: [PATCH] override remote logout url --- .../dnet-orgs-database-application/report.xml | 1131 +++++++++++++---- .../OAuth2WebSecurityConfig.java | 16 + .../src/main/resources/application.properties | 8 +- 3 files changed, 888 insertions(+), 267 deletions(-) diff --git a/apps/dnet-orgs-database-application/report.xml b/apps/dnet-orgs-database-application/report.xml index 36b02463..524f54ea 100644 --- a/apps/dnet-orgs-database-application/report.xml +++ b/apps/dnet-orgs-database-application/report.xml @@ -22,14 +22,14 @@ Darwin - 19.6.0 - Darwin Kernel Version 19.6.0: Mon Aug 31 22:12:52 PDT 2020; root:xnu-6153.141.2~1/RELEASE_X86_64 - Micheles-MBP.local + 20.1.0 + Darwin Kernel Version 20.1.0: Sat Oct 31 00:07:11 PDT 2020; root:xnu-7195.50.7~2/RELEASE_X86_64 + MBP-di-Michele x86_64 - tcpflow -c -i any port 8080 + tcpflow -c -i any port 8480 0 root - 2020-11-03T15:32:30Z + 2020-12-02T11:07:15Z @@ -37,440 +37,1043 @@ 0 - ::1.08080-::1.53199 - 214372 - + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + + + + 0 + - ::1.08080-::1.53223 - 73584 - + 0 + - ::1.08080-::1.53224 - 738274 - + ::1.08480-::1.53256 + 438824 + - ::1.08080-::1.53225 - 175020 - + ::1.08480-::1.53247 + 648818 + - ::1.08080-::1.53226 - 156296 - + ::1.53247-::1.08480 + 5574 + - ::1.08080-::1.53227 - 125580 - + ::1.53246-::1.08480 + 6856 + - ::1.08080-::1.53232 - 1220 - + ::1.08480-::1.53245 + 497778 + - ::1.08080-::1.53351 - 2440 - + ::1.08480-::1.53244 + 1565228 + - ::1.08080-::1.53355 - 26250 - + ::1.53244-::1.08480 + 18352 + - 127.000.000.001.08080-127.000.000.001.53609 - 7550 - + ::1.08480-::1.53243 + 5556 + - ::1.53633-::1.08080 - 1480 - + ::1.08480-::1.53043 + 172196 + - 127.000.000.001.08080-127.000.000.001.53641 - 3286 - + ::1.08480-::1.53042 + 264868 + - ::1.08080-::1.53634 - 331886 - + ::1.53042-::1.08480 + 2374 + - ::1.08080-::1.53636 - 950 - + ::1.08480-::1.53041 + 688934 + - ::1.08080-::1.53635 - 610055 - + ::1.08480-::1.53039 + 5556 + - ::1.08080-::1.53637 - 231604 - + ::1.53039-::1.08480 + 842 + - ::1.08080-::1.53638 - 126040 - + ::1.08480-::1.53035 + 765734 + - ::1.08080-::1.53639 - 165006 - + ::1.53002-::1.08480 + 842 + - ::1.08080-::1.53640 - 188944 - + ::1.53041-::1.08480 + 3346 + - 127.000.000.001.08080-127.000.000.001.53658 - 3284 - + ::1.08480-::1.53001 + 5556 + - 127.000.000.001.08080-127.000.000.001.53662 - 7550 - + ::1.08480-::1.52998 + 545196 + - 127.000.000.001.08080-127.000.000.001.53695 - 6292 - + ::1.52998-::1.08480 + 4744 + - ::1.08080-::1.53643 - 1672152 - + ::1.08480-::1.52996 + 853710 + - ::1.08080-::1.53644 - 1540618 - + ::1.52995-::1.08480 + 9364 + - ::1.08080-::1.53645 - 680702 - + ::1.52996-::1.08480 + 8088 + - ::1.08080-::1.53647 - 1777902 - + ::1.08480-::1.52971 + 117012 + - ::1.08080-::1.53646 - 951764 - + ::1.52971-::1.08480 + 794 + - ::1.08080-::1.53648 - 409013 - + ::1.08480-::1.52970 + 630252 + - ::1.08080-::1.53689 - 26698 - + ::1.52969-::1.08480 + 3968 + - 127.000.000.001.08080-127.000.000.001.53704 - 4678 - + ::1.08480-::1.52968 + 374446 + - 127.000.000.001.08080-127.000.000.001.53706 - 4678 - + ::1.52968-::1.08480 + 4214 + - 127.000.000.001.53774-127.000.000.001.08080 - 1136 - + ::1.52967-::1.08480 + 4388 + - 127.000.000.001.08080-127.000.000.001.53775 - 926 - + ::1.52966-::1.08480 + 7790 + - 127.000.000.001.08080-127.000.000.001.53870 - 4678 - + ::1.08480-::1.52965 + 5556 + - ::1.08080-::1.53777 - 950 - + ::1.52965-::1.08480 + 842 + - ::1.08080-::1.53776 - 495102 - + ::1.52964-::1.08480 + 842 + - ::1.08080-::1.53780 - 461951 - + ::1.08480-::1.52944 + 117012 + - ::1.08080-::1.53779 - 216914 - + ::1.08480-::1.53002 + 5556 + - ::1.08080-::1.53778 - 59326 - + ::1.52944-::1.08480 + 798 + - ::1.08080-::1.53703 - 766 - + ::1.08480-::1.52943 + 42876 + - ::1.08080-::1.53705 - 253782 - + ::1.53248-::1.08480 + 4748 + - 127.000.000.001.53870-127.000.000.001.08080 - 2796 - + ::1.08480-::1.52942 + 177158 + - ::1.53780-::1.08080 - 3284 - + ::1.52942-::1.08480 + 804 + - 127.000.000.001.53609-127.000.000.001.08080 - 396 - + ::1.08480-::1.52941 + 6100 + - 127.000.000.001.53706-127.000.000.001.08080 - 2796 - + ::1.52941-::1.08480 + 958 + - 127.000.000.001.53704-127.000.000.001.08080 - 2796 - + ::1.53245-::1.08480 + 6912 + - ::1.53689-::1.08080 - 1600 - + ::1.08480-::1.52940 + 366628 + - 127.000.000.001.53662-127.000.000.001.08080 - 396 - + ::1.52940-::1.08480 + 1686 + - ::1.53705-::1.08080 - 8304 - + ::1.52920-::1.08480 + 2364 + - 127.000.000.001.53658-127.000.000.001.08080 - 2796 - + ::1.52918-::1.08480 + 4790 + - ::1.53645-::1.08080 - 16711 - + ::1.08480-::1.52919 + 130586 + - ::1.53644-::1.08080 - 15876 - + ::1.08480-::1.53248 + 684720 + - ::1.53643-::1.08080 - 40162 - + ::1.52919-::1.08480 + 2370 + - 127.000.000.001.53641-127.000.000.001.08080 - 2798 - + ::1.08480-::1.52918 + 724716 + - ::1.53640-::1.08080 - 1496 - + ::1.52917-::1.08480 + 5252 + - ::1.53639-::1.08080 - 4478 - + ::1.08480-::1.53246 + 394576 + - ::1.53703-::1.08080 - 1510 - + ::1.52916-::1.08480 + 4996 + - 127.000.000.001.08080-127.000.000.001.53774 - 3752 - + ::1.08480-::1.52915 + 1125116 + - ::1.53199-::1.08080 - 5152 - + ::1.08480-::1.52917 + 38828 + - ::1.53776-::1.08080 - 4828 - + ::1.52915-::1.08480 + 11658 + - ::1.53635-::1.08080 - 4480 - + ::1.52880-::1.08480 + 7070 + - 127.000.000.001.53775-127.000.000.001.08080 - 1660 - + ::1.52485-::1.08480 + 14386 + - ::1.53634-::1.08080 - 12734 - + ::1.52879-::1.08480 + 7570 + + + + ::1.08480-::1.52878 + 1330418 + 0 - + + + + ::1.08480-::1.52497 + 147012 + + + + 0 + + + + ::1.08480-::1.52920 + 254942 + + + + ::1.52677-::1.08480 + 786 + + + + 0 + + + + ::1.52675-::1.08480 + 792 + + + + 0 + + + + 0 + + + + ::1.08480-::1.52883 + 524474 + + + + 0 + + + + ::1.08480-::1.52677 + 117012 + + + + ::1.08480-::1.52887 + 5556 + + + + ::1.52673-::1.08480 + 820 + + + + ::1.08480-::1.52493 + 654080 + + + + 0 + + + + ::1.53243-::1.08480 + 842 + + + + ::1.08480-::1.52676 + 42876 + + + + ::1.08480-::1.52495 + 1428571 + + + + 0 + + + + ::1.52676-::1.08480 + 780 + + + + ::1.08480-::1.52675 + 177158 + + + + ::1.52672-::1.08480 + 842 + + + + 0 + + + + ::1.53043-::1.08480 + 2376 + + + + ::1.08480-::1.52674 + 6100 + + + + 0 + + + + 0 + + + + ::1.52674-::1.08480 + 946 + + + + ::1.53256-::1.08480 + 2378 + + + + 0 + + + + ::1.52943-::1.08480 + 792 + + + + ::1.08480-::1.52673 + 361072 + + + + ::1.53040-::1.08480 + 3446 + + + + ::1.52646-::1.08480 + 810 + + + + ::1.08480-::1.52672 + 5556 + + + + 0 + + + + ::1.52598-::1.08480 + 3324 + + + + ::1.08480-::1.52640 + 117012 + + + + ::1.52640-::1.08480 + 794 + + + + ::1.08480-::1.52639 + 180806 + + + + ::1.52639-::1.08480 + 2272 + + + + ::1.08480-::1.53044 + 117012 + + + + ::1.08480-::1.52650 + 1154 + + + + ::1.53035-::1.08480 + 10028 + + + + ::1.08480-::1.52997 + 491972 + + + + ::1.08480-::1.52603 + 117012 + + + + ::1.53044-::1.08480 + 794 + + + + ::1.52650-::1.08480 + 776 + + + + ::1.08480-::1.52485 + 1683066 + + + + ::1.08480-::1.52879 + 1723368 + + + + ::1.52997-::1.08480 + 5524 + + + + ::1.52603-::1.08480 + 794 + + + + ::1.08480-::1.52994 + 1342342 + + + + ::1.08480-::1.52600 + 172196 + + + + ::1.08480-::1.52964 + 5556 + + + + ::1.52493-::1.08480 + 5512 + + + + ::1.52887-::1.08480 + 842 + + + + ::1.08480-::1.52967 + 201244 + + + + ::1.52596-::1.08480 + 7974 + + + + ::1.08480-::1.53040 + 161902 + + + + ::1.53001-::1.08480 + 842 + + + + ::1.08480-::1.52646 + 152324 + + + + ::1.52994-::1.08480 + 11032 + + + + ::1.52600-::1.08480 + 2286 + + + + ::1.08480-::1.52993 + 2806680 + + + + ::1.08480-::1.52599 + 383950 + + + + 0 + + + + ::1.52495-::1.08480 + 7044 + + + + ::1.08480-::1.52637 + 225252 + + + + 0 + + + + ::1.08480-::1.52496 + 276370 + + + + ::1.52597-::1.08480 + 3334 + + + + ::1.08480-::1.52881 + 915424 + + + + 0 + + + + ::1.08480-::1.52595 + 5556 + + + + ::1.08480-::1.52597 + 171228 + + + + ::1.52595-::1.08480 + 752 + + + + ::1.08480-::1.52638 + 231626 + + + + ::1.08480-::1.52880 + 227896 + + + + ::1.08480-::1.52995 + 486954 + + + + ::1.52638-::1.08480 + 2300 + + + + ::1.52497-::1.08480 + 3692 + + + + ::1.52634-::1.08480 + 6770 + - ::1.53632-::1.08080 - 1480 - + ::1.08480-::1.52636 + 189738 + - ::1.53778-::1.08080 - 3244 - + ::1.52636-::1.08480 + 11236 + - ::1.53637-::1.08080 - 6146 - + ::1.08480-::1.52634 + 1083172 + - ::1.53646-::1.08080 - 19846 - + ::1.52883-::1.08480 + 4752 + - ::1.53355-::1.08080 - 3858 - + ::1.08480-::1.52596 + 1097422 + - ::1.53351-::1.08080 - 3284 - + ::1.08480-::1.52882 + 330352 + - ::1.53779-::1.08080 - 4870 - + ::1.52970-::1.08480 + 3150 + - ::1.53638-::1.08080 - 4542 - + ::1.08480-::1.52494 + 930804 + - ::1.53647-::1.08080 - 19552 - + ::1.52882-::1.08480 + 5474 + - ::1.53224-::1.08080 - 5162 - + ::1.52494-::1.08480 + 5622 + - ::1.53223-::1.08080 - 6972 - + ::1.08480-::1.52916 + 654080 + - 127.000.000.001.53695-127.000.000.001.08080 - 3146 - + ::1.52637-::1.08480 + 3332 + - ::1.53648-::1.08080 - 13112 - + ::1.08480-::1.52966 + 1123482 + - ::1.08080-::1.53633 - 26366 - + ::1.52496-::1.08480 + 5310 + - ::1.53225-::1.08080 - 6974 - + ::1.08480-::1.52598 + 229814 + - ::1.53232-::1.08080 - 1688 - + ::1.52881-::1.08480 + 5572 + - ::1.53777-::1.08080 - 3268 - + ::1.52993-::1.08480 + 32630 + - ::1.53636-::1.08080 - 3034 - + ::1.08480-::1.52969 + 426826 + - ::1.53226-::1.08080 - 5122 - + ::1.52599-::1.08480 + 3098 + - ::1.53227-::1.08080 - 5296 - + ::1.52878-::1.08480 + 15048 + 0 0 - 84 - 43 - 4098 + 218 + 166 + 11732 - 0.907236 - 0.389275 - 2375680 - 766 - 13 + 1.696512 + 0.330076 + 3411968 + 1036 + 0 0 0 0 - 585.519673 + 2582.443344 diff --git a/apps/dnet-orgs-database-application/src/main/java/eu/dnetlib/organizations/OAuth2WebSecurityConfig.java b/apps/dnet-orgs-database-application/src/main/java/eu/dnetlib/organizations/OAuth2WebSecurityConfig.java index e0aaf6d0..373da0c3 100644 --- a/apps/dnet-orgs-database-application/src/main/java/eu/dnetlib/organizations/OAuth2WebSecurityConfig.java +++ b/apps/dnet-orgs-database-application/src/main/java/eu/dnetlib/organizations/OAuth2WebSecurityConfig.java @@ -46,6 +46,9 @@ public class OAuth2WebSecurityConfig extends WebSecurityConfigurerAdapter { @Value("${openaire.api.valid.subnet}") private String openaireApiValidSubnet; + @Value("${openaire.override.logout.url}") + private String openaireLogoutUrl; + private static Logger logger = LoggerFactory.getLogger(OAuth2WebSecurityConfig.class); @Override @@ -69,6 +72,9 @@ public class OAuth2WebSecurityConfig extends WebSecurityConfigurerAdapter { .and() .logout() .logoutSuccessHandler(oidcLogoutSuccessHandler()) + .invalidateHttpSession(true) + .clearAuthentication(true) + .deleteCookies("JSESSIONID") .and() .oauth2Login(oauth2 -> oauth2.userInfoEndpoint(userInfo -> userInfo.oidcUserService(this.oidcUserService()))); } @@ -95,7 +101,17 @@ public class OAuth2WebSecurityConfig extends WebSecurityConfigurerAdapter { // NB: // The same URL must be configured server side: // Manage Clients > Edit Client > Other > Post-Logout Redirect + handler.setPostLogoutRedirectUri("{baseUrl}"); + handler.setRedirectStrategy((req, res, url) -> { + if (StringUtils.isNotBlank(openaireLogoutUrl)) { + logger.info("Performing remote logout: " + openaireLogoutUrl); + res.sendRedirect(openaireLogoutUrl); + } else { + logger.info("Performing remote logout: " + url); + res.sendRedirect(url); + } + }); return handler; } diff --git a/apps/dnet-orgs-database-application/src/main/resources/application.properties b/apps/dnet-orgs-database-application/src/main/resources/application.properties index 1cbad9b2..74e63be6 100644 --- a/apps/dnet-orgs-database-application/src/main/resources/application.properties +++ b/apps/dnet-orgs-database-application/src/main/resources/application.properties @@ -3,20 +3,20 @@ server.port=8480 #spring.profiles.active=dev spring.main.banner-mode = off + logging.level.root = INFO +#logging.level.org.springframework = DEBUG spring.datasource.url=jdbc:postgresql://localhost:5432/oa_organizations spring.datasource.username=oa_organizations spring.datasource.password= -spring.jpa.properties.hibernate.dialect = org.hibernate.dialect.PostgreSQLDialect - # Hibernate ddl auto (create, create-drop, validate, update) spring.jpa.hibernate.ddl-auto = validate +spring.jpa.properties.hibernate.dialect = org.hibernate.dialect.PostgreSQLDialect spring.jpa.properties.hibernate.hbm2dll.extra_physical_table_types = MATERIALIZED VIEW spring.jpa.properties.hibernate.jdbc.lob.non_contextual_creation=true spring.jpa.open-in-view=true - spring.jpa.properties.hibernate.show_sql=false spring.jpa.properties.hibernate.use_sql_comments=false spring.jpa.properties.hibernate.format_sql=false @@ -36,3 +36,5 @@ spring.security.oauth2.client.provider.oidc.authorization-uri = http://localhost spring.security.oauth2.client.provider.oidc.jwk-set-uri = http://localhost:8080/openid-connect-server-webapp/jwk spring.security.oauth2.client.provider.oidc.token-uri = http://localhost:8080/openid-connect-server-webapp/token spring.security.oauth2.client.provider.oidc.user-info-uri = http://localhost:8080/openid-connect-server-webapp/userinfo + +openaire.override.logout.url =