| | |
| | | package org.keycloak.protocol.cas.endpoints; |
| | | |
| | | import jakarta.ws.rs.GET; |
| | | import jakarta.ws.rs.QueryParam; |
| | | import jakarta.ws.rs.core.Context; |
| | | import jakarta.ws.rs.core.HttpHeaders; |
| | | import jakarta.ws.rs.core.Response; |
| | | import org.jboss.logging.Logger; |
| | | import org.jboss.resteasy.annotations.cache.NoCache; |
| | | import org.jboss.resteasy.spi.HttpRequest; |
| | | import org.keycloak.common.ClientConnection; |
| | | import org.keycloak.events.EventBuilder; |
| | | import org.keycloak.models.ClientModel; |
| | | import org.keycloak.models.KeycloakSession; |
| | | import org.keycloak.models.RealmModel; |
| | |
| | | import org.keycloak.services.managers.AuthenticationManager; |
| | | import org.keycloak.services.messages.Messages; |
| | | |
| | | import javax.ws.rs.GET; |
| | | import javax.ws.rs.QueryParam; |
| | | import javax.ws.rs.core.Context; |
| | | import javax.ws.rs.core.HttpHeaders; |
| | | import javax.ws.rs.core.Response; |
| | | import java.net.URI; |
| | | |
| | | public class LogoutEndpoint { |
| | | private static final Logger logger = Logger.getLogger(LogoutEndpoint.class); |
| | |
| | | private HttpHeaders headers; |
| | | |
| | | private RealmModel realm; |
| | | private EventBuilder event; |
| | | private ClientModel client; |
| | | private String redirectUri; |
| | | |
| | | public LogoutEndpoint(RealmModel realm, EventBuilder event) { |
| | | public LogoutEndpoint(RealmModel realm) { |
| | | this.realm = realm; |
| | | this.event = event; |
| | | } |
| | | |
| | | @GET |
| | |
| | | if (authResult != null) { |
| | | UserSessionModel userSession = authResult.getSession(); |
| | | userSession.setNote(AuthenticationManager.KEYCLOAK_LOGOUT_PROTOCOL, CASLoginProtocol.LOGIN_PROTOCOL); |
| | | if (redirectUri != null) userSession.setNote(CASLoginProtocol.LOGOUT_REDIRECT_URI, redirectUri); |
| | | |
| | | if (redirectUri != null) { |
| | | userSession.setNote(CASLoginProtocol.LOGOUT_REDIRECT_URI, redirectUri); |
| | | } |
| | | |
| | | logger.debug("Initiating CAS browser logout"); |
| | | Response response = AuthenticationManager.browserLogout(session, realm, authResult.getSession(), session.getContext().getUri(), clientConnection, headers); |
| | | logger.debug("finishing CAS browser logout"); |
| | | return response; |
| | | } |
| | | |
| | | if (redirectUri != null) { |
| | | logger.debugv("no active session, redirecting to {0}", redirectUri); |
| | | return Response.status(302).location(URI.create(redirectUri)).build(); |
| | | } |
| | | |
| | | return ErrorPage.error(session, null, Response.Status.BAD_REQUEST, Messages.FAILED_LOGOUT); |
| | | } |
| | | |
| | |
| | | return; |
| | | } |
| | | |
| | | client = realm.getClients().stream() |
| | | client = realm.getClientsStream() |
| | | .filter(c -> CASLoginProtocol.LOGIN_PROTOCOL.equals(c.getProtocol())) |
| | | .filter(c -> RedirectUtils.verifyRedirectUri(session, service, c) != null) |
| | | .findFirst().orElse(null); |