package com.nubisware.oidc.lr62; import java.io.IOException; import javax.servlet.http.HttpSession; import com.liferay.portal.kernel.events.ActionException; import com.liferay.portal.kernel.events.SessionAction; import com.liferay.portal.kernel.log.Log; import com.liferay.portal.kernel.log.LogFactoryUtil; import com.nubisware.oidc.rest.JWTToken; import com.nubisware.oidc.rest.OpenIdConnectRESTHelper; public class SessionDestroyAction extends SessionAction { protected static final Log log = LogFactoryUtil.getLog(SessionDestroyAction.class); @Override public void run(HttpSession session) throws ActionException { if (log.isTraceEnabled()) { log.trace("Session id is: " + session.getId()); } LiferayOpenIdConnectConfiguration configuration = LiferayOpenIdConnectConfiguration.getConfiguration(); if (configuration.logoutOnPortalLogout()) { JWTToken token = JWTToken.fromString((String) session.getAttribute(JWTToken.OIDC_TOKEN_ATTRIBUTE)); if (token != null) { log.debug("Performing logout on OIDC server due to session destroy"); try { OpenIdConnectRESTHelper.logout(token, configuration.getLogoutUrl(), configuration.getClientId()); } catch (IOException e) { throw new ActionException("Performing logut on OIDC server", e); } } else { log.error("Cannot find the OIDC token in session"); } } else { log.debug("Don't performing OIDC logout according to configuration"); } } }