Merge pull request #1477 from CalebSLane/develop

SSO logout improvement

frontend/src/App.js

@@ -129,22 +129,53 @@ export default function App() {
   }
 
   const logout = () => {
-    fetch(config.serverBaseUrl + "/Logout", {
-      //includes the browser sessionId in the Header for Authentication on the backend server
-      method: "POST",
-      headers: {
-        "Content-Type": "application/json",
-        "X-CSRF-Token": localStorage.getItem("CSRF"),
-      },
-    })
-      .then((response) => response.status)
-      .then(() => {
-        getUserSessionDetails();
-        window.location.href = config.loginRedirect;
+    if (userSessionDetails.loginMethod === "SAML") {
+      fetch(config.serverBaseUrl + "/Logout?useSAML=true", {
+        //includes the browser sessionId in the Header for Authentication on the backend server
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          "X-CSRF-Token": localStorage.getItem("CSRF"),
+        },
       })
-      .catch((error) => {
-        console.error(error);
-      });
+        .then((response) => response.text())
+        .then((html) => {
+          const POPUP_HEIGHT = 700;
+          const POPUP_WIDTH = 600;
+          const top =
+            window.outerHeight / 2 + window.screenY - POPUP_HEIGHT / 2;
+          const left = window.outerWidth / 2 + window.screenX - POPUP_WIDTH / 2;
+          const newWindow = window.open(
+            "",
+            "SAML Popup",
+            `height=${POPUP_HEIGHT},width=${POPUP_WIDTH},top=${top},left=${left}`,
+          );
+          newWindow.document.write(html);
+          newWindow.document.close();
+          getUserSessionDetails();
+          window.location.href = config.loginRedirect;
+        })
+        .catch((error) => {
+          console.error(error);
+        });
+    } else {
+      fetch(config.serverBaseUrl + "/Logout", {
+        //includes the browser sessionId in the Header for Authentication on the backend server
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          "X-CSRF-Token": localStorage.getItem("CSRF"),
+        },
+      })
+        .then((response) => response.status)
+        .then(() => {
+          getUserSessionDetails();
+          window.location.href = config.loginRedirect;
+        })
+        .catch((error) => {
+          console.error(error);
+        });
+    }
   };
 
   const changeLanguageReact = (lang) => {

frontend/src/components/common/PatientHeader.js

@@ -2,7 +2,6 @@ import React from "react";
 import { Grid, Column, Section, Tag } from "@carbon/react";
 import { FormattedMessage } from "react-intl";
 import Avatar from "react-avatar";
-import GeoPattern from "geopattern";
 
 const PatientHeader = (props) => {
   const {
@@ -23,7 +22,6 @@ const PatientHeader = (props) => {
     isOrderPage = false,
     className = "patient-header",
   } = props;
-  const patternUrl = GeoPattern.generate(id).toDataUri();
   return (
     <Grid fullWidth={true}>
       <Column lg={16} md={8} sm={4}>
@@ -49,7 +47,7 @@ const PatientHeader = (props) => {
                         size={referringFacility ? "150" : "120"}
                         textSizeRatio={2}
                         style={{
-                          backgroundImage: `url(${patternUrl})`,
+                          backgroundImage: `url('/images/patient-background.svg')`,
                           backgroundRepeat: "round",
                         }}
                       />
@@ -146,7 +144,7 @@ const PatientHeader = (props) => {
                       size={referringFacility ? "150" : "120"}
                       textSizeRatio={2}
                       style={{
-                        backgroundImage: `url(${patternUrl})`,
+                        backgroundImage: `url('/images/patient-background.svg')`,
                         backgroundRepeat: "round",
                       }}
                     />

frontend/src/components/layout/search/searchOutput.js

@@ -2,14 +2,12 @@ import React from "react";
 import { Grid, Column, Section, Tag, Tile } from "@carbon/react";
 import { FormattedMessage } from "react-intl";
 import Avatar from "react-avatar";
-import GeoPattern from "geopattern";
 import { openPatientResults } from "./searchService";
 
 const SearchOutput = ({ patientData, className = "patientHead" }) => {
   return (
     <div>
       {patientData.map((patient) => {
-        const patternUrl = GeoPattern.generate(patient.id).toDataUri();
         return (
           <Column lg={16} md={8} sm={4} key={patient.id}>
             <Section>
@@ -28,7 +26,7 @@ const SearchOutput = ({ patientData, className = "patientHead" }) => {
                         size={patient.referringFacility ? "50" : "40"}
                         textSizeRatio={2}
                         style={{
-                          backgroundImage: `url(${patternUrl})`,
+                          backgroundImage: `url('/images/patient-background.svg')`,
                           marginTop: "5px",
                         }}
                       />

src/main/java/org/openelisglobal/login/bean/UserSession.java

@@ -6,7 +6,12 @@
 
 public class UserSession {
 
+    public enum LoginMethod {
+        FORM, SAML, OAUTH, CERT, NONE
+    }
+
     private Boolean authenticated;
+    private LoginMethod loginMethod;
     private String sessionId;
     private String userId;
     private String loginName;
@@ -25,6 +30,14 @@ public void setAuthenticated(Boolean authenticated) {
         this.authenticated = authenticated;
     }
 
+    public LoginMethod getLoginMethod() {
+        return loginMethod;
+    }
+
+    public void setLoginMethod(LoginMethod loginMethod) {
+        this.loginMethod = loginMethod;
+    }
+
     public String getUserId() {
         return userId;
     }

src/main/java/org/openelisglobal/login/controller/LoginPageController.java

@@ -17,6 +17,7 @@
 import org.openelisglobal.common.util.ConfigurationProperties.Property;
 import org.openelisglobal.localization.service.LocalizationService;
 import org.openelisglobal.login.bean.UserSession;
+import org.openelisglobal.login.bean.UserSession.LoginMethod;
 import org.openelisglobal.login.form.LoginForm;
 import org.openelisglobal.login.valueholder.UserSessionData;
 import org.openelisglobal.role.service.RoleService;
@@ -135,6 +136,7 @@ public UserSession getSesssionDetails(HttpServletRequest request, CsrfToken toke
         session.setSessionId(request.getSession().getId());
         if (authenticated) {
             SystemUser user = systemUserService.get(getSysUserId(request));
+            setLoginMethod(request, session);
             session.setUserId(user.getId());
             session.setLoginName(user.getLoginName());
             session.setFirstName(user.getFirstName());
@@ -154,6 +156,16 @@ public UserSession getSesssionDetails(HttpServletRequest request, CsrfToken toke
         return session;
     }
 
+    private void setLoginMethod(HttpServletRequest request, UserSession session) {
+        if (Boolean.TRUE.equals(request.getSession().getAttribute("samlSession"))) {
+            session.setLoginMethod(LoginMethod.SAML);
+        } else if (Boolean.TRUE.equals(request.getSession().getAttribute("oauthSession"))) {
+            session.setLoginMethod(LoginMethod.OAUTH);
+        } else {
+            session.setLoginMethod(LoginMethod.FORM);
+        }
+    }
+
     private void setLabunitRolesForExistingUser(HttpServletRequest request, UserSession session) {
         Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
 

src/main/java/org/openelisglobal/security/SecurityConfig.java

@@ -270,7 +270,8 @@ protected void configure(HttpSecurity http) throws Exception {
                     .createDefaultAssertionValidator();
             authenticationProvider.setAssertionValidator(validator);
             http.requestMatcher(new SamlRequestedMatcher()).authorizeRequests().anyRequest().authenticated().and()
-                    .saml2Logout().and().saml2Login().authenticationManager(new ProviderManager(authenticationProvider))
+                    .saml2Logout().logoutUrl("/Logout").and().saml2Login()
+                    .authenticationManager(new ProviderManager(authenticationProvider))
                     .failureHandler(customAuthenticationFailureHandler())
                     .successHandler(customAuthenticationSuccessHandler())
                     .relyingPartyRegistrationRepository(relyingPartyRegistrationRepository());

src/main/webapp/pages/common/banner.jsp

@@ -115,7 +115,7 @@ jQuery(document).ready(function() {
 			<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/> 
 			</div></form>
 			<c:if test="${sessionScope.samlSession}">
-				<spring:url value="/logout?useSAML=true" var="logoutSAMLUrl"/>
+				<spring:url value="/Logout?useSAML=true" var="logoutSAMLUrl"/>
 				</br>
 				<form id="logout-form-saml" method="post" action="${logoutSAMLUrl}">
 				<input type="submit" value="<spring:message code="homePage.menu.logOut.saml"/>" class="btn-link"/>