Merge pull request #24430 from atomfrede/22020-use-end-session-endpoi…
…nt-metadata

use session endpoint metadata for oauth logout
DanielFran authored Dec 1, 2023
2 parents a6d2440 + 38c5714 commit 0b06b93
Showing 2 changed files with 9 additions and 24 deletions.
Expand Up @@ -52,21 +52,12 @@ public class LogoutResource {
@AuthenticationPrincipal(expression = "idToken") OidcIdToken idToken) {
StringBuilder logoutUrl = new StringBuilder();

String issuerUri = this.registration.getProviderDetails().getIssuerUri();
if (issuerUri.contains("auth0.com")) {
logoutUrl.append(issuerUri.endsWith("/") ? issuerUri + "v2/logout" : issuerUri + "/v2/logout");
} else {
logoutUrl.append(this.registration.getProviderDetails().getConfigurationMetadata().get("end_session_endpoint").toString());
}

logoutUrl.append(this.registration.getProviderDetails().getConfigurationMetadata().get("end_session_endpoint").toString());

String originUrl = request.getHeader(HttpHeaders.ORIGIN);

if (issuerUri.contains("auth0.com")) {
logoutUrl.append("?client_id=").append(this.registration.getClientId()).append("&returnTo=").append(originUrl);
} else {
logoutUrl.append("?id_token_hint=").append(idToken.getTokenValue()).append("&post_logout_redirect_uri=").append(originUrl);
}

logoutUrl.append("?id_token_hint=").append(idToken.getTokenValue()).append("&post_logout_redirect_uri=").append(originUrl);

request.getSession().invalidate();
return ResponseEntity.ok().body(Map.of("logoutUrl", logoutUrl.toString()));
}
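Review bot: With the Auth0 branch gone, `getConfigurationMetadata().get("end_session_endpoint").toString()` runs for every provider and throws a NullPointerException when the discovery metadata has no `end_session_endpoint`; because that happens before `request.getSession().invalidate()`, the local session then survives the failed logout. Read the value once, `Object endSessionEndpoint = this.registration.getProviderDetails().getConfigurationMetadata().get("end_session_endpoint");`, and handle null explicitly in a way that still invalidates the session, or move `invalidate()` ahead of the URL building. The same unguarded lookup is in `prepareLogoutUri` in the second file. The method's signature starts outside this hunk.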
Expand Up @@ -59,19 +59,13 @@ public class LogoutResource {

private Map<String, String> prepareLogoutUri(ServerHttpRequest request, ClientRegistration clientRegistration, OidcIdToken idToken) {
StringBuilder logoutUrl = new StringBuilder();
String issuerUri = clientRegistration.getProviderDetails().getIssuerUri();
if (issuerUri.contains("auth0.com")) {
logoutUrl.append(issuerUri.endsWith("/") ? issuerUri + "v2/logout" : issuerUri + "/v2/logout");
} else {
logoutUrl.append(clientRegistration.getProviderDetails().getConfigurationMetadata().get("end_session_endpoint").toString());
}

logoutUrl.append(clientRegistration.getProviderDetails().getConfigurationMetadata().get("end_session_endpoint").toString());

String originUrl = request.getHeaders().getOrigin();
if (issuerUri.contains("auth0.com")) {
logoutUrl.append("?client_id=").append(clientRegistration.getClientId()).append("&returnTo=").append(originUrl);
} else {
logoutUrl.append("?id_token_hint=").append(idToken.getTokenValue()).append("&post_logout_redirect_uri=").append(originUrl);
}

logoutUrl.append("?id_token_hint=").append(idToken.getTokenValue()).append("&post_logout_redirect_uri=").append(originUrl);

return Map.of("logoutUrl", logoutUrl.toString());
}
}
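Review bot: `originUrl` is taken straight from the request's `Origin` header and appended to `post_logout_redirect_uri` unencoded and unchecked: when the header is absent `getOrigin()` returns null and the URL ends in `post_logout_redirect_uri=null`, and a value containing `&` or `#` would alter the query string handed back to the client. Now that this append is the only path, guard and encode it, e.g. `if (originUrl != null) { logoutUrl.append("&post_logout_redirect_uri=").append(URLEncoder.encode(originUrl, StandardCharsets.UTF_8)); }`. Appending `?` also assumes the advertised `end_session_endpoint` has no query string of its own, which nothing here verifies. The servlet variant in the first file builds the URL the same way from `request.getHeader(HttpHeaders.ORIGIN)`.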
