org.xdi.oxauth.authorize.ws.rs.LogoutAction 連携図

クラス
enum	ExternalLogoutResult

class	LogoutParameters

公開メンバ関数
String	getIdTokenHint ()

void	setIdTokenHint (String idTokenHint)

String	getPostLogoutRedirectUri ()

void	setPostLogoutRedirectUri (String postLogoutRedirectUri)

void	redirect ()

void	missingLogoutParameters ()

void	logoutFailed ()

非公開メンバ関数
boolean	validateParameters ()

ExternalLogoutResult	processExternalAuthenticatorLogOut (SessionId sessionId)

void	storeLogoutParametersInSession (SessionId sessionId) throws JsonGenerationException, JsonMappingException, IOException

boolean	restoreLogoutParametersFromSession (SessionId sessionId) throws IllegalArgumentException, JsonParseException, JsonMappingException, IOException

非公開変数類
Logger	log

AuthorizationGrantList	authorizationGrantList

SessionIdService	sessionIdService

ExternalAuthenticationService	externalAuthenticationService

JsonService	jsonService

AppConfiguration	appConfiguration

FacesService	facesService

FacesContext	facesContext

LanguageBean	languageBean

String	idTokenHint

String	postLogoutRedirectUri

SessionId	sessionId

静的非公開変数類
static final String	EXTERNAL_LOGOUT = "external_logout"

static final String	EXTERNAL_LOGOUT_DATA = "external_logout_data"

詳解

著者: Javier Rojas Blum; Yuriy Movchan

バージョン: August 9, 2017

クラス詳解

◆ org::xdi::oxauth::authorize::ws::rs::LogoutAction::ExternalLogoutResult

enum org::xdi::oxauth::authorize::ws::rs::LogoutAction::ExternalLogoutResult

org.xdi.oxauth.authorize.ws.rs.LogoutAction.ExternalLogoutResult 連携図

列挙値
FAILURE
REDIRECT
SUCCESS

関数詳解

◆ getIdTokenHint()

String org.xdi.oxauth.authorize.ws.rs.LogoutAction.getIdTokenHint ( )

inline

                                    {
         return idTokenHint;
     }

◆ getPostLogoutRedirectUri()

String org.xdi.oxauth.authorize.ws.rs.LogoutAction.getPostLogoutRedirectUri ( )

inline

                                              {
         return postLogoutRedirectUri;
     }

◆ logoutFailed()

void org.xdi.oxauth.authorize.ws.rs.LogoutAction.logoutFailed ( )

inline

                                {
         String message = languageBean.getMessage("logout.failedToProceed");
         facesContext.addMessage(null, new FacesMessage(FacesMessage.SEVERITY_ERROR, message, message));
         facesService.redirect("/error.xhtml");
     }

◆ missingLogoutParameters()

void org.xdi.oxauth.authorize.ws.rs.LogoutAction.missingLogoutParameters ( )

inline

                                           {
         String message = languageBean.getMessage("logout.missingParameters");
         facesContext.addMessage(null, new FacesMessage(FacesMessage.SEVERITY_ERROR, message, message));
         facesService.redirect("/error.xhtml");
     }

◆ processExternalAuthenticatorLogOut()

ExternalLogoutResult org.xdi.oxauth.authorize.ws.rs.LogoutAction.processExternalAuthenticatorLogOut ( SessionId sessionId )

inlineprivate

                                                                                          {
         if ((sessionId != null) && sessionId.getSessionAttributes().containsKey(EXTERNAL_LOGOUT)) {
             log.debug("Detected callback from external system. Resuming logout.");
             return ExternalLogoutResult.SUCCESS;
         }
 
         AuthorizationGrant authorizationGrant = authorizationGrantList.getAuthorizationGrantByIdToken(idTokenHint);
         if (authorizationGrant == null) {
             Boolean endSessionWithAccessToken = appConfiguration.getEndSessionWithAccessToken();
             if ((endSessionWithAccessToken != null) && endSessionWithAccessToken) {
                 authorizationGrant = authorizationGrantList.getAuthorizationGrantByAccessToken(idTokenHint);
             }
         }
         if ((authorizationGrant == null) && (sessionId == null)) {
             return ExternalLogoutResult.FAILURE;
         }
 
         String acrValues;
         if (authorizationGrant == null) {
             acrValues = sessionIdService.getAcr(sessionId);
         } else {
             acrValues = authorizationGrant.getAcrValues();
         }
 
         boolean isExternalAuthenticatorLogoutPresent = StringHelper.isNotEmpty(acrValues);
         if (isExternalAuthenticatorLogoutPresent) {
             log.debug("Attemptinmg to execute logout method of '{}' external authenticator.", acrValues);
 
             CustomScriptConfiguration customScriptConfiguration = externalAuthenticationService.getCustomScriptConfigurationByName(acrValues);
             if (customScriptConfiguration == null) {
                 log.error("Failed to get ExternalAuthenticatorConfiguration. acr_values: {}", acrValues);
                 return ExternalLogoutResult.FAILURE;
             } else {
                 boolean scriptExternalLogoutResult = externalAuthenticationService.executeExternalLogout(customScriptConfiguration, null);
                 ExternalLogoutResult externalLogoutResult = scriptExternalLogoutResult ? ExternalLogoutResult.SUCCESS : ExternalLogoutResult.FAILURE;
                 log.debug("Logout result is '{}' for session '{}', userDn: '{}'", externalLogoutResult, sessionId.getId(), sessionId.getUserDn());
 
                 int apiVersion = externalAuthenticationService.executeExternalGetApiVersion(customScriptConfiguration);
                 if (apiVersion < 3) {
                     // Not support redirect to external system at logout
                     return externalLogoutResult;
                 }
 
                 log.trace("According to API version script supports logout redirects");
                 String logoutExternalUrl = externalAuthenticationService.getLogoutExternalUrl(customScriptConfiguration, null);
                 log.debug("External logout result is '{}' for user '{}'", logoutExternalUrl, sessionId.getUserDn());
 
                 if (StringHelper.isEmpty(logoutExternalUrl)) {
                     return externalLogoutResult;
                 }
 
                 // Store in session parameters needed to call end_session
                 try {
                     storeLogoutParametersInSession(sessionId);
                 } catch (IOException ex) {
                     log.debug("Failed to persist logout parameters in session", ex);
 
                     return ExternalLogoutResult.FAILURE;
                 }
 
                 // Redirect to external URL
                 facesService.redirectToExternalURL(logoutExternalUrl);
                 return ExternalLogoutResult.REDIRECT;
             }
         } else {
             return ExternalLogoutResult.SUCCESS;
         }
     }

◆ redirect()

void org.xdi.oxauth.authorize.ws.rs.LogoutAction.redirect ( )

inline

                            {
         SessionId sessionId = sessionIdService.getSessionId();
 
         boolean validationResult = validateParameters();
         if (!validationResult) {
             try {
                 restoreLogoutParametersFromSession(sessionId);
             } catch (IOException ex) {
                 logoutFailed();
                 log.debug("Failed to restore logout parameters from session", ex);
             }
 
             validationResult = validateParameters();
             if (!validationResult) {
                 missingLogoutParameters();
                 return;
             }
         }
 
         ExternalLogoutResult externalLogoutResult = processExternalAuthenticatorLogOut(sessionId);
         if (ExternalLogoutResult.FAILURE == externalLogoutResult) {
             logoutFailed();
             return;
         } else if (ExternalLogoutResult.REDIRECT == externalLogoutResult) {
             return;
         }
 
         StringBuilder sb = new StringBuilder();
 
         // Required parameters
         if (idTokenHint != null && !idTokenHint.isEmpty()) {
             sb.append(EndSessionRequestParam.ID_TOKEN_HINT + "=").append(idTokenHint);
         }
 
         if (sessionId != null && !postLogoutRedirectUri.isEmpty()) {
             sb.append("&" + EndSessionRequestParam.SESSION_ID + "=").append(sessionId.getId());
         }
 
         if (postLogoutRedirectUri != null && !postLogoutRedirectUri.isEmpty()) {
             sb.append("&" + EndSessionRequestParam.POST_LOGOUT_REDIRECT_URI + "=").append(postLogoutRedirectUri);
         }
 
         facesService.redirectToExternalURL("restv1/end_session?" + sb.toString());
     }

◆ restoreLogoutParametersFromSession()

boolean org.xdi.oxauth.authorize.ws.rs.LogoutAction.restoreLogoutParametersFromSession ( SessionId sessionId ) throws IllegalArgumentException, JsonParseException, JsonMappingException, IOException

inlineprivate

                                                                                                                                                                    {
         if (sessionId == null) {
             return false;
         }
 
         this.sessionId = sessionId;
         Map<String, String> sessionAttributes = sessionId.getSessionAttributes();
 
         boolean restoreParameters = sessionAttributes.containsKey(EXTERNAL_LOGOUT);
         if (!restoreParameters) {
             return false;
         }
 
         String logoutParametersBase64 = sessionAttributes.get(EXTERNAL_LOGOUT_DATA);
         String logoutParametersJson = new String(Base64Util.base64urldecode(logoutParametersBase64), Util.UTF8_STRING_ENCODING);
 
         LogoutParameters logoutParameters = jsonService.jsonToObject(logoutParametersJson, LogoutParameters.class);
 
         this.idTokenHint = logoutParameters.getIdTokenHint();
         this.postLogoutRedirectUri = logoutParameters.getPostLogoutRedirectUri();
 
         return true;
     }

◆ setIdTokenHint()

void org.xdi.oxauth.authorize.ws.rs.LogoutAction.setIdTokenHint ( String idTokenHint )

inline

                                                    {
         this.idTokenHint = idTokenHint;
     }

◆ setPostLogoutRedirectUri()

void org.xdi.oxauth.authorize.ws.rs.LogoutAction.setPostLogoutRedirectUri ( String postLogoutRedirectUri )

inline

                                                                        {
         this.postLogoutRedirectUri = postLogoutRedirectUri;
     }

◆ storeLogoutParametersInSession()

void org.xdi.oxauth.authorize.ws.rs.LogoutAction.storeLogoutParametersInSession ( SessionId sessionId ) throws JsonGenerationException, JsonMappingException, IOException

inlineprivate

                                                                                                                                        {
         Map<String, String> sessionAttributes = sessionId.getSessionAttributes();
 
         LogoutParameters logoutParameters = new LogoutParameters(idTokenHint, postLogoutRedirectUri);
 
         String logoutParametersJson = jsonService.objectToJson(logoutParameters);
         String logoutParametersBase64 = Base64Util.base64urlencode(logoutParametersJson.getBytes(Util.UTF8_STRING_ENCODING));
 
         sessionAttributes.put(EXTERNAL_LOGOUT, Boolean.toString(true));
         sessionAttributes.put(EXTERNAL_LOGOUT_DATA, logoutParametersBase64);
 
         sessionIdService.updateSessionId(sessionId);
     }

◆ validateParameters()

boolean org.xdi.oxauth.authorize.ws.rs.LogoutAction.validateParameters ( )

inlineprivate

                                          {
         return (StringHelper.isNotEmpty(idTokenHint) || (sessionId != null)) && StringHelper.isNotEmpty(postLogoutRedirectUri);
     }

メンバ詳解

◆ appConfiguration

AppConfiguration org.xdi.oxauth.authorize.ws.rs.LogoutAction.appConfiguration

private

◆ authorizationGrantList

AuthorizationGrantList org.xdi.oxauth.authorize.ws.rs.LogoutAction.authorizationGrantList

private

◆ EXTERNAL_LOGOUT

final String org.xdi.oxauth.authorize.ws.rs.LogoutAction.EXTERNAL_LOGOUT = "external_logout"

staticprivate

◆ EXTERNAL_LOGOUT_DATA

final String org.xdi.oxauth.authorize.ws.rs.LogoutAction.EXTERNAL_LOGOUT_DATA = "external_logout_data"

staticprivate

◆ externalAuthenticationService

ExternalAuthenticationService org.xdi.oxauth.authorize.ws.rs.LogoutAction.externalAuthenticationService

private

◆ facesContext

FacesContext org.xdi.oxauth.authorize.ws.rs.LogoutAction.facesContext

private

◆ facesService

FacesService org.xdi.oxauth.authorize.ws.rs.LogoutAction.facesService

private

◆ idTokenHint

String org.xdi.oxauth.authorize.ws.rs.LogoutAction.idTokenHint

private

◆ jsonService

JsonService org.xdi.oxauth.authorize.ws.rs.LogoutAction.jsonService

private

◆ languageBean

LanguageBean org.xdi.oxauth.authorize.ws.rs.LogoutAction.languageBean

private

◆ log

Logger org.xdi.oxauth.authorize.ws.rs.LogoutAction.log

private

◆ postLogoutRedirectUri

String org.xdi.oxauth.authorize.ws.rs.LogoutAction.postLogoutRedirectUri

private

◆ sessionId

SessionId org.xdi.oxauth.authorize.ws.rs.LogoutAction.sessionId

private

◆ sessionIdService

SessionIdService org.xdi.oxauth.authorize.ws.rs.LogoutAction.sessionIdService

private

このクラス詳解は次のファイルから抽出されました:

D:/AppData/OpenId/gluu/src/oxAuth/Server/src/main/java/org/xdi/oxauth/authorize/ws/rs/LogoutAction.java

クラス

公開メンバ関数

非公開メンバ関数

非公開変数類

静的非公開変数類

詳解

クラス詳解

◆ org::xdi::oxauth::authorize::ws::rs::LogoutAction::ExternalLogoutResult

関数詳解

◆ getIdTokenHint()

◆ getPostLogoutRedirectUri()

◆ logoutFailed()

◆ missingLogoutParameters()

◆ processExternalAuthenticatorLogOut()

◆ redirect()

◆ restoreLogoutParametersFromSession()

◆ setIdTokenHint()

◆ setPostLogoutRedirectUri()

◆ storeLogoutParametersInSession()

◆ validateParameters()

メンバ詳解

◆ appConfiguration

◆ authorizationGrantList

◆ EXTERNAL_LOGOUT

◆ EXTERNAL_LOGOUT_DATA

◆ externalAuthenticationService

◆ facesContext

◆ facesService

◆ idTokenHint

◆ jsonService

◆ languageBean

◆ log

◆ postLogoutRedirectUri

◆ sessionId

◆ sessionIdService