thenatog commented on a change in pull request #4593: URL: https://github.com/apache/nifi/pull/4593#discussion_r509401269
########## File path: nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/AccessResource.java ########## @@ -851,6 +1086,47 @@ private void forwardToMessagePage(final HttpServletRequest httpServletRequest, f uiContext.getRequestDispatcher("/WEB-INF/pages/message-page.jsp").forward(httpServletRequest, httpServletResponse); } + private String determineLogoutMethod(String oidcDiscoveryUrl) { + Matcher accessTokenMatcher = REVOKE_ACCESS_TOKEN_LOGOUT_FORMAT.matcher(oidcDiscoveryUrl); + Matcher idTokenMatcher = ID_TOKEN_LOGOUT_FORMAT.matcher(oidcDiscoveryUrl); + + if (accessTokenMatcher.find()) { + return REVOKE_ACCESS_TOKEN_LOGOUT; + } else if (idTokenMatcher.find()) { + return ID_TOKEN_LOGOUT; + } else { + return STANDARD_LOGOUT; + } + } + + private URI oidcRequestAuthorizationCode(@Context HttpServletResponse httpServletResponse, String callback) { + + final String oidcRequestIdentifier = UUID.randomUUID().toString(); + + // generate a cookie to associate this login sequence + final Cookie cookie = new Cookie(OIDC_REQUEST_IDENTIFIER, oidcRequestIdentifier); Review comment: This cookie generation is done in two places (lines 1104 -1115 and 194-205). You could extract this to a private cookie generation method, something along the lines of: httpServletResponse.addCookie(generateCookie(oidcRequestIdentifier)); ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org