Add event handler to support cross protocol logout

KaveeshaPiumini · Jul 30, 2019 · 83a336c · 83a336c
1 parent a6bd4f2
commit 83a336c
Show file tree

Hide file tree

Showing 2 changed files with 99 additions and 0 deletions.
diff --git a/...n/src/main/java/org/wso2/carbon/identity/oidc/session/handler/OIDCLogoutEventHandler.java b/...n/src/main/java/org/wso2/carbon/identity/oidc/session/handler/OIDCLogoutEventHandler.java
@@ -0,0 +1,88 @@
+/*
+ *  Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.wso2.carbon.identity.oidc.session.handler;
+
+import org.apache.commons.lang.StringUtils;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.wso2.carbon.identity.event.IdentityEventConstants.EventName;
+import org.wso2.carbon.identity.event.IdentityEventConstants.EventProperty;
+import org.wso2.carbon.identity.event.IdentityEventException;
+import org.wso2.carbon.identity.event.event.Event;
+import org.wso2.carbon.identity.event.handler.AbstractEventHandler;
+import org.wso2.carbon.identity.oidc.session.backChannelLogout.LogoutRequestSender;
+import org.wso2.carbon.identity.oidc.session.util.OIDCSessionManagementUtil;
+
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * Event handler to support cross protocol logout.
+ */
+public class OIDCLogoutEventHandler extends AbstractEventHandler {
+
+    private static Log log = LogFactory.getLog(OIDCLogoutEventHandler.class);
+
+    @Override
+    public void handleEvent(Event event) throws IdentityEventException {
+
+        if (log.isDebugEnabled()) {
+            log.debug(event.getEventName() + " event received to OIDCLogoutEventHandler.");
+        }
+
+        if (StringUtils.equals(event.getEventName(), EventName.SESSION_TERMINATE.name())) {
+            HttpServletRequest request = getHttpRequestFromEvent(event);
+            Cookie opbsCookie = OIDCSessionManagementUtil.getOPBrowserStateCookie(request);
+
+            if (hasOPBSCookieValue(opbsCookie)) {
+                if (log.isDebugEnabled()) {
+                    log.debug("OPBS cookie with value " + opbsCookie.getValue() + " found. " +
+                            "Initiating session termination.");
+                }
+                LogoutRequestSender.getInstance().sendLogoutRequests(request);
+                OIDCSessionManagementUtil.getSessionManager().removeOIDCSessionState(opbsCookie.getValue());
+            } else {
+                if (log.isDebugEnabled()) {
+                    log.debug("There is no valid OIDC based service provider in the session to be terminated by " +
+                            "the OIDCLogoutEventHandler.");
+                }
+            }
+        }
+    }
+
+    @Override
+    public String getName() {
+
+        return "OIDCLogoutEventHandler";
+    }
+
+    private HttpServletRequest getHttpRequestFromEvent(Event event) {
+
+        return (HttpServletRequest) event.getEventProperties().get(EventProperty.REQUEST);
+    }
+
+    private boolean hasOPBSCookieValue (Cookie opbsCookie) {
+
+        String opbsCookieValue = null;
+
+        if (opbsCookie != null) {
+            opbsCookieValue = opbsCookie.getValue();
+        }
+
+        return StringUtils.isNotBlank(opbsCookieValue);
+    }
+}
diff --git a/...n/java/org/wso2/carbon/identity/oidc/session/internal/OIDCSessionManagementComponent.java b/...n/java/org/wso2/carbon/identity/oidc/session/internal/OIDCSessionManagementComponent.java
@@ -28,9 +28,11 @@
 import org.osgi.service.component.annotations.ReferencePolicy;
 import org.osgi.service.http.HttpService;
 import org.wso2.carbon.identity.application.mgt.ApplicationManagementService;
+import org.wso2.carbon.identity.event.handler.AbstractEventHandler;
 import org.wso2.carbon.identity.oauth2.internal.OAuth2ServiceComponentHolder;
 import org.wso2.carbon.identity.oidc.session.OIDCSessionConstants;
 import org.wso2.carbon.identity.oidc.session.backChannelLogout.ClaimProviderImpl;
+import org.wso2.carbon.identity.oidc.session.handler.OIDCLogoutEventHandler;
 import org.wso2.carbon.identity.oidc.session.handler.OIDCLogoutHandler;
 import org.wso2.carbon.identity.oidc.session.servlet.OIDCLogoutServlet;
 import org.wso2.carbon.identity.oidc.session.servlet.OIDCSessionIFrameServlet;
@@ -88,6 +90,15 @@ protected void activate(ComponentContext context) {
         if (log.isDebugEnabled()) {
             log.debug("ClaimProvider bundle is activated");
         }
+
+        try {
+            context.getBundleContext().registerService(AbstractEventHandler.class.getName(),
+                    new OIDCLogoutEventHandler(), null);
+        } catch (Exception e) {
+            String msg = "Error when registering OIDCLogoutEventHandler.";
+            log.error(msg, e);
+            throw new RuntimeException(msg, e);
+        }
     }
 
     protected void deactivate(ComponentContext context) {