Repository: cxf-fediz Updated Branches: refs/heads/master d385478b9 -> b54fb6553
OIDC logout should use post_logout_redirect_uris, patch from Adrian Gonzalez applied, This closes #16 Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/b54fb655 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/b54fb655 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/b54fb655 Branch: refs/heads/master Commit: b54fb65539ce18f0ab602fe75b01c3fdc270e6b1 Parents: d385478 Author: Sergey Beryozkin <[email protected]> Authored: Wed Apr 5 12:59:46 2017 +0100 Committer: Sergey Beryozkin <[email protected]> Committed: Wed Apr 5 12:59:46 2017 +0100 ---------------------------------------------------------------------- .../oidc/logout/LogoutRedirectConstraintHandler.java | 13 ++++++++++--- services/oidc/src/main/webapp/WEB-INF/views/client.jsp | 4 ++-- 2 files changed, 12 insertions(+), 5 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/b54fb655/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/LogoutRedirectConstraintHandler.java ---------------------------------------------------------------------- diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/LogoutRedirectConstraintHandler.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/LogoutRedirectConstraintHandler.java index 8335a5c..150746a 100644 --- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/LogoutRedirectConstraintHandler.java +++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/LogoutRedirectConstraintHandler.java @@ -20,6 +20,8 @@ package org.apache.cxf.fediz.service.oidc.logout; import java.io.IOException; +import java.util.Arrays; +import java.util.List; import java.util.regex.Pattern; import javax.security.auth.callback.Callback; @@ -27,6 +29,7 @@ import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.UnsupportedCallbackException; import javax.servlet.http.HttpServletRequest; +import org.apache.commons.lang.StringUtils; import org.apache.cxf.fediz.core.spi.ReplyConstraintCallback; import org.apache.cxf.fediz.service.oidc.handler.hrd.ApplicationContextProvider; import org.apache.cxf.rs.security.oauth2.common.Client; @@ -36,7 +39,7 @@ import org.springframework.context.ApplicationContext; public class LogoutRedirectConstraintHandler implements CallbackHandler { - private static final String CLIENT_LOGOUT_URI = "client_logout_uri"; + private static final String POST_LOGOUT_REDIRECT_URIS = "post_logout_redirect_uris"; @Override public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { @@ -61,9 +64,13 @@ public class LogoutRedirectConstraintHandler implements CallbackHandler { Client client = dataManager.getClient(clientId); if (client != null) { - String logoutUri = client.getProperties().get(CLIENT_LOGOUT_URI); + String logoutUri = client.getProperties().get(POST_LOGOUT_REDIRECT_URIS); if (logoutUri != null) { - return Pattern.compile(logoutUri); + List<String> uris = Arrays.asList(logoutUri.split(" ")); + for (int i = 0; i < uris.size(); i++) { + uris.set(i, "\\Q" + uris.get(i) + "\\E"); + } + return Pattern.compile("(" + StringUtils.join(uris, "|") + ")"); } } http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/b54fb655/services/oidc/src/main/webapp/WEB-INF/views/client.jsp ---------------------------------------------------------------------- diff --git a/services/oidc/src/main/webapp/WEB-INF/views/client.jsp b/services/oidc/src/main/webapp/WEB-INF/views/client.jsp index 6940715..597bd8a 100644 --- a/services/oidc/src/main/webapp/WEB-INF/views/client.jsp +++ b/services/oidc/src/main/webapp/WEB-INF/views/client.jsp @@ -156,8 +156,8 @@ <b>Logout URL</b> </td> <td> -<% if (client.getProperties().get("client_logout_uri") != null) { %> - <%= client.getProperties().get("client_logout_uri") %> +<% if (client.getProperties().get("post_logout_redirect_uris") != null) { %> + <%= client.getProperties().get("post_logout_redirect_uris") %> <% } %> </td> </tr>
