19 package org.apache.syncope.client.ui.commons.resources.oidcc4ui;
20
21 import javax.servlet.http.HttpServletRequest;
22 import javax.ws.rs.core.HttpHeaders;
23 import javax.ws.rs.core.Response;
24 import org.apache.commons.lang3.StringUtils;
25 import org.apache.syncope.client.ui.commons.BaseSession;
26 import org.apache.syncope.client.ui.commons.annotations.Resource;
27 import org.apache.syncope.client.ui.commons.panels.OIDCC4UIConstants;
28 import org.apache.syncope.common.lib.oidc.OIDCRequest;
29 import org.apache.syncope.common.rest.api.service.OIDCC4UIService;
30 import org.apache.wicket.Session;
31 import org.apache.wicket.request.resource.AbstractResource;
32
/**
 * Resource registered under the {@code before-logout} path of the OIDC client UI context.
 *
 * <p>It asks {@link OIDCC4UIService} for a logout request, answers with a non-cacheable
 * {@code 302 Found} pointing at the location carried by that request, and invalidates the
 * current Wicket session.
 *
 * <p>NOTE(review): the post-logout redirect URI is rebuilt from {@code getRequestURL()}, so it
 * follows whatever scheme/host the container reports for the request. Behind a reverse proxy,
 * confirm that forwarded-host handling is pinned and that the OpenID Provider only accepts
 * registered post-logout redirect URIs.
 *
 * <p>NOTE(review): no request-method or anti-CSRF check is visible in this method; any request
 * that reaches it ends the session. Confirm this is enforced elsewhere or is acceptable.
 */
@Resource(
        key = OIDCC4UIConstants.URL_CONTEXT + ".beforeLogout",
        path = "/" + OIDCC4UIConstants.URL_CONTEXT + "/before-logout")
public class BeforeLogoutResource extends AbstractResource {

    private static final long serialVersionUID = 273797583932923564L;

    /**
     * Builds the redirect that starts the logout and invalidates the local session.
     *
     * @param attributes Wicket request attributes; the container request is expected to be an
     * {@link HttpServletRequest}
     * @return a {@code 302} response whose {@code Location} header is the logout request location
     */
    @Override
    protected ResourceResponse newResourceResponse(final Attributes attributes) {
        // Derive ".../logout" from the URL this resource was reached at, by cutting the
        // request URL at the first "/before-logout".
        final HttpServletRequest servletRequest =
                (HttpServletRequest) attributes.getRequest().getContainerRequest();
        final String requestUrl = servletRequest.getRequestURL().toString();
        final String baseUrl = StringUtils.substringBefore(requestUrl, "/before-logout");
        final String redirectAfterLogout = baseUrl + "/logout";

        // The service is obtained from the session, so the logout request has to be created
        // before the session is invalidated below.
        final BaseSession currentSession = BaseSession.class.cast(Session.get());
        final OIDCC4UIService oidcService = currentSession.getService(OIDCC4UIService.class);
        final OIDCRequest oidcLogout = oidcService.createLogoutRequest(redirectAfterLogout);

        final ResourceResponse redirect = new ResourceResponse();
        redirect.setStatusCode(Response.Status.FOUND.getStatusCode());

        // Keep browsers and intermediaries from caching the redirect.
        final var headers = redirect.getHeaders();
        headers.addHeader(HttpHeaders.CACHE_CONTROL, "no-cache, no-store");
        headers.addHeader("Pragma", "no-cache");
        // The target is taken as returned by the service; it is not validated again here.
        headers.addHeader(HttpHeaders.LOCATION, oidcLogout.getLocation());

        // Drop the local session as the redirect response is returned.
        Session.get().invalidate();

        return redirect;
    }
}