Skip to content

Commit

Permalink
Merge pull request #106 from georchestra/remove_logout_confirmation
Browse files Browse the repository at this point in the history
Removed logout confirmation page
  • Loading branch information
emmdurin authored Mar 1, 2024
2 parents 8464168 + c248595 commit 419e212
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 32 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -29,14 +29,14 @@
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity.LogoutSpec;
import org.springframework.security.oauth2.client.oidc.web.server.logout.OidcClientInitiatedServerLogoutSuccessHandler;
import org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler;
import org.springframework.security.web.server.SecurityWebFilterChain;
import org.springframework.security.web.server.authentication.logout.RedirectServerLogoutSuccessHandler;
import org.springframework.security.web.server.authentication.logout.ServerLogoutSuccessHandler;
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers;

import lombok.extern.slf4j.Slf4j;

Expand Down Expand Up @@ -85,10 +85,6 @@ SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http,
// by proxified webapps, not the gateway.
http.csrf().disable();

http.formLogin()
.authenticationFailureHandler(new ExtendedRedirectServerAuthenticationFailureHandler("login?error"))
.loginPage("/login");

sortedCustomizers(customizers).forEach(customizer -> {
log.debug("Applying security customizer {}", customizer.getName());
customizer.customize(http);
Expand All @@ -99,7 +95,8 @@ SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http,
RedirectServerLogoutSuccessHandler defaultRedirect = new RedirectServerLogoutSuccessHandler();
defaultRedirect.setLogoutSuccessUrl(URI.create(georchestraLogoutUrl));

LogoutSpec logoutUrl = http.formLogin().loginPage("/login").and().logout().logoutUrl("/logout")
LogoutSpec logoutUrl = http.formLogin().loginPage("/login").and().logout()
.requiresLogout(ServerWebExchangeMatchers.pathMatchers(HttpMethod.GET, "/logout"))
.logoutSuccessHandler(oidcLogoutSuccessHandler != null ? oidcLogoutSuccessHandler : defaultRedirect);

return logoutUrl.and().build();
Expand Down
25 changes: 0 additions & 25 deletions gateway/src/main/resources/templates/logout.html

This file was deleted.

0 comments on commit 419e212

Please sign in to comment.