Restored per-session token removal. Logs revised. (#20445)
parent
b3f9d6cd24
commit
e6c453e2bb
|
@ -38,16 +38,16 @@ public class OpenIdConnectAutoLogin extends BaseAutoLogin {
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String[] doLogin(HttpServletRequest request, HttpServletResponse response) throws Exception {
|
public String[] doLogin(HttpServletRequest request, HttpServletResponse response) throws Exception {
|
||||||
if (log.isTraceEnabled() && request.getSession(false) != null) {
|
|
||||||
log.trace("Session details: id=" + request.getSession(false).getId() + ", instance="
|
|
||||||
+ request.getSession(false));
|
|
||||||
}
|
|
||||||
JWTToken token = JWTTokenUtil.getOIDCFromRequest(request);
|
JWTToken token = JWTTokenUtil.getOIDCFromRequest(request);
|
||||||
if (token == null) {
|
if (token == null) {
|
||||||
if (log.isTraceEnabled() && request.getSession(false) != null) {
|
if (log.isTraceEnabled()) {
|
||||||
log.trace("OIDC token is null. Can't perform auto login");
|
log.trace("OIDC token is null. Can't perform auto login");
|
||||||
}
|
}
|
||||||
return null;
|
return null;
|
||||||
|
} else {
|
||||||
|
if (log.isDebugEnabled()) {
|
||||||
|
log.debug("Perform auto login with OIDC token " + token.getTokenEssentials());
|
||||||
|
}
|
||||||
}
|
}
|
||||||
LiferayOpenIdConnectConfiguration configuration = LiferayOpenIdConnectConfiguration.getConfiguration(request);
|
LiferayOpenIdConnectConfiguration configuration = LiferayOpenIdConnectConfiguration.getConfiguration(request);
|
||||||
long companyId = PortalUtil.getCompanyId(request);
|
long companyId = PortalUtil.getCompanyId(request);
|
||||||
|
|
|
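Review bot: The added `log.debug("Perform auto login with OIDC token " + token.getTokenEssentials())` writes token-derived content to the log on every successful token lookup, and what `getTokenEssentials()` returns is not visible in this hunk. If it can include the encoded token, its signature or personal claims, debug logs become a store of credentials or personal data. The method should be limited to non-secret fields (for example subject and expiry), and that contract stated in its Javadoc. As a style point, the `else` after `return null;` is redundant; the debug block can follow the `if` directly. doLogin's body continues past the end of the hunk.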
@ -13,6 +13,7 @@ import com.liferay.portal.kernel.events.Action;
|
||||||
import com.liferay.portal.kernel.events.ActionException;
|
import com.liferay.portal.kernel.events.ActionException;
|
||||||
import com.liferay.portal.kernel.log.Log;
|
import com.liferay.portal.kernel.log.Log;
|
||||||
import com.liferay.portal.kernel.log.LogFactoryUtil;
|
import com.liferay.portal.kernel.log.LogFactoryUtil;
|
||||||
|
import com.liferay.portal.kernel.util.WebKeys;
|
||||||
import com.liferay.portal.model.User;
|
import com.liferay.portal.model.User;
|
||||||
|
|
||||||
public class PostLoginAction extends Action {
|
public class PostLoginAction extends Action {
|
||||||
|
@ -25,20 +26,25 @@ public class PostLoginAction extends Action {
|
||||||
log.info("PostLoginAction invoked");
|
log.info("PostLoginAction invoked");
|
||||||
}
|
}
|
||||||
JWTToken token = JWTTokenUtil.getOIDCFromRequest(request);
|
JWTToken token = JWTTokenUtil.getOIDCFromRequest(request);
|
||||||
HttpSession session = request.getSession();
|
HttpSession session = request.getSession(false);
|
||||||
if (token != null && session != null) {
|
if (token != null && session != null) {
|
||||||
if (log.isTraceEnabled()) {
|
User user = (User) session.getAttribute(WebKeys.USER);
|
||||||
log.trace("Session details: id=" + session.getId() + ", instance=" + session);
|
|
||||||
}
|
|
||||||
User user = (User) session.getAttribute("USER");
|
|
||||||
if (user != null) {
|
if (user != null) {
|
||||||
log.info("Setting OIDC token in proxy");
|
log.info("Setting OIDC token in proxy for user " + user.getScreenName() + " and session "
|
||||||
JWTCacheProxy.getInstance().setOIDCToken(user, session, token);
|
+ session.getId());
|
||||||
|
|
||||||
|
JWTCacheProxy.getInstance().setOIDCToken(user, session.getId(), token);
|
||||||
} else {
|
} else {
|
||||||
log.error("User object not found in session");
|
log.error("User object not found in session " + session.getId() + " ["
|
||||||
|
+ Integer.toHexString(session.hashCode()) + "]");
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
if (token == null) {
|
||||||
|
log.error("OIDC token object is null in request");
|
||||||
|
}
|
||||||
|
if (session == null) {
|
||||||
|
log.error("Session is null");
|
||||||
}
|
}
|
||||||
log.info("Setting OIDC token in session");
|
|
||||||
JWTTokenUtil.putOIDCInSession(token, session);
|
|
||||||
}
|
}
|
||||||
String redirect = (String) request.getAttribute(OpenIdConnectLoginFilter.REDIRECT_ATTRIBUTE);
|
String redirect = (String) request.getAttribute(OpenIdConnectLoginFilter.REDIRECT_ATTRIBUTE);
|
||||||
if (redirect != null) {
|
if (redirect != null) {
|
||||||
|
|
|
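Review bot: The new messages write the full `session.getId()` at INFO and ERROR level (`"Setting OIDC token in proxy for user ..."` and `"User object not found in session ..."`). The session identifier is a bearer credential for as long as the session lives, and here it lands in production logs next to the screen name. The same applies to the TRACE, WARN and DEBUG messages added in SessionDestroyAction.run. The hex `session.hashCode()` that some of these messages already print is enough to correlate log lines, so I would log only that (or a truncated digest of the id), e.g. `log.info("Setting OIDC token in proxy for user " + user.getScreenName() + " [" + Integer.toHexString(session.hashCode()) + "]");`. The enclosing method starts before the hunk and continues after it.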
@ -11,6 +11,7 @@ import com.liferay.portal.kernel.events.ActionException;
|
||||||
import com.liferay.portal.kernel.events.SessionAction;
|
import com.liferay.portal.kernel.events.SessionAction;
|
||||||
import com.liferay.portal.kernel.log.Log;
|
import com.liferay.portal.kernel.log.Log;
|
||||||
import com.liferay.portal.kernel.log.LogFactoryUtil;
|
import com.liferay.portal.kernel.log.LogFactoryUtil;
|
||||||
|
import com.liferay.portal.kernel.util.WebKeys;
|
||||||
import com.liferay.portal.model.User;
|
import com.liferay.portal.model.User;
|
||||||
|
|
||||||
public class SessionDestroyAction extends SessionAction {
|
public class SessionDestroyAction extends SessionAction {
|
||||||
|
@ -20,13 +21,13 @@ public class SessionDestroyAction extends SessionAction {
|
||||||
@Override
|
@Override
|
||||||
public void run(HttpSession session) throws ActionException {
|
public void run(HttpSession session) throws ActionException {
|
||||||
if (log.isTraceEnabled()) {
|
if (log.isTraceEnabled()) {
|
||||||
log.trace("Session details: id=" + session.getId() + ", instance=" + session);
|
log.trace("Session details " + session.getId() + " [" + Integer.toHexString(session.hashCode()) + "]");
|
||||||
}
|
}
|
||||||
User user = (User) session.getAttribute("USER");
|
User user = (User) session.getAttribute(WebKeys.USER);
|
||||||
LiferayOpenIdConnectConfiguration configuration = LiferayOpenIdConnectConfiguration.getConfiguration();
|
LiferayOpenIdConnectConfiguration configuration = LiferayOpenIdConnectConfiguration.getConfiguration();
|
||||||
if (configuration.logoutOnPortalLogout()) {
|
if (configuration.logoutOnPortalLogout()) {
|
||||||
// Getting the token from the cache proxy because it can be changed due to the (multiple) refresh
|
// Getting the token from the cache proxy because it can be changed due to the (multiple) refresh
|
||||||
JWTToken token = JWTCacheProxy.getInstance().getOIDCToken(user, session);
|
JWTToken token = JWTCacheProxy.getInstance().getOIDCToken(user, session.getId());
|
||||||
if (token != null) {
|
if (token != null) {
|
||||||
if (log.isDebugEnabled()) {
|
if (log.isDebugEnabled()) {
|
||||||
log.debug("Performing logout on OIDC server due to session destroy for user: "
|
log.debug("Performing logout on OIDC server due to session destroy for user: "
|
||||||
|
@ -41,18 +42,20 @@ public class SessionDestroyAction extends SessionAction {
|
||||||
throw new ActionException("Performing logut on OIDC server", e);
|
throw new ActionException("Performing logut on OIDC server", e);
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
log.warn("Cannot find the OIDC token in session");
|
log.warn("Cannot find the OIDC token in session " + session.getId() + " ["
|
||||||
|
+ Integer.toHexString(session.hashCode()) + "]");
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
if (log.isDebugEnabled()) {
|
if (log.isDebugEnabled()) {
|
||||||
log.debug("Don't perform OIDC logout according to configuration");
|
log.debug("Don't perform OIDC logout according to configuration for user: " + user.getScreenName());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (log.isDebugEnabled()) {
|
if (log.isDebugEnabled()) {
|
||||||
log.debug("Removing OIDC tokens from cache proxy");
|
log.debug("Removing OIDC tokens from cache proxy for user " + user.getScreenName() + " and session "
|
||||||
|
+ session.getId());
|
||||||
}
|
}
|
||||||
JWTCacheProxy.getInstance().removeAllOIDCTokens(user);
|
JWTCacheProxy.getInstance().removeOIDCToken(user, session.getId());
|
||||||
JWTCacheProxy.getInstance().removeAllUMATokens(user);
|
JWTCacheProxy.getInstance().removeUMAToken(user, session.getId());
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
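Review bot: `user` is read with `session.getAttribute(WebKeys.USER)` and never null-checked in the visible lines, yet the new debug messages call `user.getScreenName()` in the `logoutOnPortalLogout()` else branch and again just before the token removal. PostLoginAction treats a missing user attribute as possible. If a session is destroyed without one while debug logging is on, the message construction throws a NullPointerException and `removeOIDCToken`/`removeUMAToken` are never reached. A null-safe name built once after the lookup avoids this: `String screenName = (user != null) ? user.getScreenName() : "<no user>";`. Whether the cache proxy calls themselves accept a null `user` should be confirmed as well. The part of run() between the two hunks is not shown.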