oidc-enrollment-hook/src/main/java/com/nubisware/oidc/lr62/SessionDestroyAction.java

package com.nubisware.oidc.lr62;

import java.io.IOException;

import javax.servlet.http.HttpSession;

import com.liferay.portal.kernel.events.ActionException;
import com.liferay.portal.kernel.events.SessionAction;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.nubisware.oidc.rest.JWTToken;
import com.nubisware.oidc.rest.OpenIdConnectRESTHelper;

public class SessionDestroyAction extends SessionAction {

	protected static final Log log = LogFactoryUtil.getLog(SessionDestroyAction.class);

	@Override
	public void run(HttpSession session) throws ActionException {
	    if (log.isTraceEnabled()) {
	        log.trace("Session id is: " + session.getId());
	    }
		LiferayOpenIdConnectConfiguration configuration = LiferayOpenIdConnectConfiguration.getConfiguration();
		if (configuration.logoutOnPortalLogout()) {
			JWTToken token = JWTToken.fromString((String) session.getAttribute(JWTToken.OIDC_TOKEN_ATTRIBUTE));
			if (token != null) {
				log.debug("Performing logout on OIDC server due to session destroy");
				try {
					OpenIdConnectRESTHelper.logout(token, configuration.getLogoutUrl(), configuration.getClientId());
				} catch (IOException e) {
					throw new ActionException("Performing logut on OIDC server", e);
				}
			} else {
				log.error("Cannot find the OIDC token in session");
			}
		} else {
			log.debug("Don't performing OIDC logout according to configuration");
		}
	}

}