mirror of https://github.com/jacekkow/keycloak-protocol-cas
view | history | commit | commitdiff
Jacek Kowalski
2022-03-23 b1ec309effa13b22df969c3835605f6614d00a66
commit | author | age
7f7e0c 1 package org.keycloak.protocol.cas.endpoints;
MP 2
3 import org.jboss.logging.Logger;
4 import org.jboss.resteasy.annotations.cache.NoCache;
5 import org.jboss.resteasy.spi.HttpRequest;
6 import org.keycloak.common.ClientConnection;
7 import org.keycloak.events.EventBuilder;
4a6620 8 import org.keycloak.models.ClientModel;
7f7e0c 9 import org.keycloak.models.KeycloakSession;
MP 10 import org.keycloak.models.RealmModel;
11 import org.keycloak.models.UserSessionModel;
12 import org.keycloak.protocol.cas.CASLoginProtocol;
4a6620 13 import org.keycloak.protocol.oidc.utils.RedirectUtils;
MP 14 import org.keycloak.services.ErrorPage;
7f7e0c 15 import org.keycloak.services.managers.AuthenticationManager;
4a6620 16 import org.keycloak.services.messages.Messages;
7f7e0c 17
MP 18 import javax.ws.rs.GET;
4a6620 19 import javax.ws.rs.QueryParam;
7f7e0c 20 import javax.ws.rs.core.Context;
MP 21 import javax.ws.rs.core.HttpHeaders;
22 import javax.ws.rs.core.Response;
23
24 public class LogoutEndpoint {
57a6c1 25     private static final Logger logger = Logger.getLogger(LogoutEndpoint.class);
7f7e0c 26
MP 27     @Context
28     private KeycloakSession session;
29
30     @Context
31     private ClientConnection clientConnection;
32
33     @Context
34     private HttpRequest request;
35
36     @Context
37     private HttpHeaders headers;
38
39     private RealmModel realm;
40     private EventBuilder event;
4a6620 41     private ClientModel client;
MP 42     private String redirectUri;
7f7e0c 43
MP 44     public LogoutEndpoint(RealmModel realm, EventBuilder event) {
45         this.realm = realm;
46         this.event = event;
47     }
48
49     @GET
50     @NoCache
4a6620 51     public Response logout(@QueryParam(CASLoginProtocol.SERVICE_PARAM) String service) {
MP 52         checkClient(service);
7f7e0c 53
MP 54         AuthenticationManager.AuthResult authResult = AuthenticationManager.authenticateIdentityCookie(session, realm, false);
55         if (authResult != null) {
56             UserSessionModel userSession = authResult.getSession();
57             userSession.setNote(AuthenticationManager.KEYCLOAK_LOGOUT_PROTOCOL, CASLoginProtocol.LOGIN_PROTOCOL);
4a6620 58             if (redirectUri != null) userSession.setNote(CASLoginProtocol.LOGOUT_REDIRECT_URI, redirectUri);
7f7e0c 59
MP 60             logger.debug("Initiating CAS browser logout");
f63e40 61             Response response =  AuthenticationManager.browserLogout(session, realm, authResult.getSession(), session.getContext().getUri(), clientConnection, headers, null);
7f7e0c 62             logger.debug("finishing CAS browser logout");
MP 63             return response;
64         }
6638b8 65         return ErrorPage.error(session, null, Response.Status.BAD_REQUEST, Messages.FAILED_LOGOUT);
4a6620 66     }
MP 67
68     private void checkClient(String service) {
69         if (service == null) {
70             return;
71         }
72
73         client = realm.getClients().stream()
74                 .filter(c -> CASLoginProtocol.LOGIN_PROTOCOL.equals(c.getProtocol()))
019db5 75                 .filter(c -> RedirectUtils.verifyRedirectUri(session, service, c) != null)
4a6620 76                 .findFirst().orElse(null);
MP 77         if (client != null) {
019db5 78             redirectUri = RedirectUtils.verifyRedirectUri(session, service, client);
4a6620 79
MP 80             session.getContext().setClient(client);
81         }
7f7e0c 82     }
MP 83 }