gCubeSystem
/
oidc-enrollment-hook
16
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

OIDC token got from proxy cache on logout in order to have the last refrehed one

This commit is contained in:
Mauro Mugnaini 2020-06-29 16:26:09 +02:00
parent a02bc215a4
commit 1ea97a6f10
1 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/main/java/org/gcube/portal/oidc/lr62/SessionDestroyAction.java
View File

@ -23,21 +23,24 @@ public class SessionDestroyAction extends SessionAction {
if (log.isTraceEnabled()) {
log.trace("Session details: id=" + session.getId() + ", instance=" + session);
}
User user = (User) session.getAttribute("USER");
LiferayOpenIdConnectConfiguration configuration = LiferayOpenIdConnectConfiguration.getConfiguration();
if (configuration.logoutOnPortalLogout()) {
JWTToken token = JWTTokenUtil.getOIDCFromSession(session);
// Getting the token from the cache proxy because it can be changed due to the (multiple) refresh
JWTToken token = OIDCTokenCacheProxy.getInstance().getOIDCToken(user, session);
if (token != null) {
if (log.isDebugEnabled()) {
log.debug("Performing logout on OIDC server due to session destroy");
log.debug("Performing logout on OIDC server due to session destroy for user: "
+ user.getScreenName());
}
try {
List<String> tokenAud = token.getAud();
tokenAud.remove(JWTToken.ACCOUNT_RESOURCE);
String clientId = tokenAud.iterator().next();
if (log.isDebugEnabled()) {
log.debug("Performing logout from the client: " + clientId);
log.debug("Performing logout by using client id: " + clientId);
}
OpenIdConnectRESTHelper.logout(token, configuration.getLogoutURL(), clientId);
OpenIdConnectRESTHelper.logout(configuration.getLogoutURL(), clientId, token);
} catch (IOException e) {
throw new ActionException("Performing logut on OIDC server", e);
}
@ -52,7 +55,6 @@ public class SessionDestroyAction extends SessionAction {
if (log.isDebugEnabled()) {
log.debug("Removing OIDC tokens from cache proxy");
}
User user = (User) session.getAttribute("USER");
OIDCTokenCacheProxy.getInstance().removeOIDCToken(user, session);
OIDCTokenCacheProxy.getInstance().removeUMAToken(user, session);
}