Now client id for the logout is took from the token itself since can be issued for new (dynamically) created gateways
This commit is contained in:
Mauro Mugnaini
parent
41262534b4
commit
646b714399
|
|
@ -1,52 +1,60 @@
|
||||||
package com.nubisware.oidc.lr62;
|
package org.gcube.portal.oidc.lr62;
|
||||||
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
import javax.servlet.http.HttpSession;
|
import javax.servlet.http.HttpSession;
|
||||||
|
|
||||||
|
import org.gcube.oidc.rest.JWTToken;
|
||||||
|
import org.gcube.oidc.rest.OpenIdConnectRESTHelper;
|
||||||
|
|
||||||
import com.liferay.portal.kernel.events.ActionException;
|
import com.liferay.portal.kernel.events.ActionException;
|
||||||
import com.liferay.portal.kernel.events.SessionAction;
|
import com.liferay.portal.kernel.events.SessionAction;
|
||||||
import com.liferay.portal.kernel.log.Log;
|
import com.liferay.portal.kernel.log.Log;
|
||||||
import com.liferay.portal.kernel.log.LogFactoryUtil;
|
import com.liferay.portal.kernel.log.LogFactoryUtil;
|
||||||
import com.liferay.portal.model.User;
|
import com.liferay.portal.model.User;
|
||||||
import com.nubisware.oidc.rest.JWTToken;
|
|
||||||
import com.nubisware.oidc.rest.OpenIdConnectRESTHelper;
|
|
||||||
|
|
||||||
public class SessionDestroyAction extends SessionAction {
|
public class SessionDestroyAction extends SessionAction {
|
||||||
|
|
||||||
protected static final Log log = LogFactoryUtil.getLog(SessionDestroyAction.class);
|
protected static final Log log = LogFactoryUtil.getLog(SessionDestroyAction.class);
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void run(HttpSession session) throws ActionException {
|
public void run(HttpSession session) throws ActionException {
|
||||||
if (log.isTraceEnabled()) {
|
if (log.isTraceEnabled()) {
|
||||||
log.trace("Session details: id=" + session.getId() + ", instance=" + session);
|
log.trace("Session details: id=" + session.getId() + ", instance=" + session);
|
||||||
}
|
}
|
||||||
LiferayOpenIdConnectConfiguration configuration = LiferayOpenIdConnectConfiguration.getConfiguration();
|
LiferayOpenIdConnectConfiguration configuration = LiferayOpenIdConnectConfiguration.getConfiguration();
|
||||||
if (configuration.logoutOnPortalLogout()) {
|
if (configuration.logoutOnPortalLogout()) {
|
||||||
JWTToken token = JWTTokenUtil.getOIDCFromSession(session);
|
JWTToken token = JWTTokenUtil.getOIDCFromSession(session);
|
||||||
if (token != null) {
|
if (token != null) {
|
||||||
if (log.isDebugEnabled()) {
|
if (log.isDebugEnabled()) {
|
||||||
log.debug("Performing logout on OIDC server due to session destroy");
|
log.debug("Performing logout on OIDC server due to session destroy");
|
||||||
}
|
}
|
||||||
try {
|
try {
|
||||||
OpenIdConnectRESTHelper.logout(token, configuration.getLogoutUrl(), configuration.getClientId());
|
List<String> tokenAud = token.getAud();
|
||||||
} catch (IOException e) {
|
tokenAud.remove(JWTToken.ACCOUNT_RESOURCE);
|
||||||
throw new ActionException("Performing logut on OIDC server", e);
|
String clientId = tokenAud.iterator().next();
|
||||||
}
|
if (log.isDebugEnabled()) {
|
||||||
} else {
|
log.debug("Performing logout from the client: " + clientId);
|
||||||
log.error("Cannot find the OIDC token in session");
|
}
|
||||||
}
|
OpenIdConnectRESTHelper.logout(token, configuration.getLogoutURL(), clientId);
|
||||||
} else {
|
} catch (IOException e) {
|
||||||
if (log.isDebugEnabled()) {
|
throw new ActionException("Performing logut on OIDC server", e);
|
||||||
log.debug("Don't performing OIDC logout according to configuration");
|
}
|
||||||
}
|
} else {
|
||||||
}
|
log.warn("Cannot find the OIDC token in session");
|
||||||
if (log.isDebugEnabled()) {
|
}
|
||||||
log.debug("Removing OIDC tokens from cache proxy");
|
} else {
|
||||||
}
|
if (log.isDebugEnabled()) {
|
||||||
User user = (User) session.getAttribute("USER");
|
log.debug("Don't performing OIDC logout according to configuration");
|
||||||
OIDCTokenProxy.getInstance().removeOIDCToken(user, session);
|
}
|
||||||
OIDCTokenProxy.getInstance().removeUMAToken(user, session);
|
}
|
||||||
}
|
if (log.isDebugEnabled()) {
|
||||||
|
log.debug("Removing OIDC tokens from cache proxy");
|
||||||
|
}
|
||||||
|
User user = (User) session.getAttribute("USER");
|
||||||
|
OIDCTokenCacheProxy.getInstance().removeOIDCToken(user, session);
|
||||||
|
OIDCTokenCacheProxy.getInstance().removeUMAToken(user, session);
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue