View Javadoc
1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements.  See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership.  The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License.  You may obtain a copy of the License at
9    *
10   *   http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied.  See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.syncope.sra.security;
20  
21  import java.net.URI;
22  import java.util.Map;
23  import java.util.Optional;
24  import java.util.concurrent.ConcurrentHashMap;
25  import org.apache.commons.lang3.StringUtils;
26  import org.apache.syncope.common.lib.to.SRARouteTO;
27  import org.apache.syncope.sra.RouteProvider;
28  import org.apache.syncope.sra.SRAProperties;
29  import org.apache.syncope.sra.security.web.server.DoNothingIfCommittedServerRedirectStrategy;
30  import org.springframework.beans.factory.annotation.Autowired;
31  import org.springframework.cloud.gateway.event.RefreshRoutesEvent;
32  import org.springframework.cloud.gateway.support.ServerWebExchangeUtils;
33  import org.springframework.context.ApplicationListener;
34  import org.springframework.security.web.server.ServerRedirectStrategy;
35  import org.springframework.security.web.server.WebFilterExchange;
36  import org.springframework.security.web.server.authentication.logout.ServerLogoutSuccessHandler;
37  
38  public abstract class AbstractServerLogoutSuccessHandler
39          implements ServerLogoutSuccessHandler, ApplicationListener<RefreshRoutesEvent> {
40  
41      private static final Map<String, Optional<URI>> CACHE = new ConcurrentHashMap<>();
42  
43      protected final ServerRedirectStrategy redirectStrategy = new DoNothingIfCommittedServerRedirectStrategy();
44  
45      @Autowired
46      private RouteProvider routeProvider;
47  
48      @Autowired
49      private SRAProperties props;
50  
51      @Override
52      public void onApplicationEvent(final RefreshRoutesEvent event) {
53          CACHE.clear();
54      }
55  
56      protected URI getPostLogout(final WebFilterExchange exchange) {
57          URI postLogout = props.getGlobal().getPostLogout();
58          String routeId = exchange.getExchange().getAttribute(ServerWebExchangeUtils.GATEWAY_PREDICATE_ROUTE_ATTR);
59          if (StringUtils.isNotBlank(routeId)) {
60              Optional<URI> routePostLogout = Optional.ofNullable(CACHE.get(routeId)).orElseGet(() -> {
61                  Optional<SRARouteTO> route = routeProvider.getRouteTOs().stream().
62                          filter(r -> routeId.equals(r.getKey())).findFirst();
63                  URI uri = route.map(SRARouteTO::getPostLogout).orElse(null);
64  
65                  CACHE.put(routeId, Optional.ofNullable(uri));
66                  return CACHE.get(routeId);
67              });
68              if (routePostLogout.isPresent()) {
69                  postLogout = routePostLogout.get();
70              }
71          }
72          return postLogout;
73      }
74  }