From dc8c0bf90a6fe80eba6b6d27c693217651c91c8c Mon Sep 17 00:00:00 2001
From: Deenath Geeganage
Date: Tue, 31 Jan 2023 15:40:43 +0530
Subject: [PATCH] remove nullifying cookies
---
 .../interceptor/SsoLoginCallbackHandler.java | 10 ++++
 .../request/interceptor/SsoLogoutHandler.java | 51 ++++++++++++++++---
 2 files changed, 54 insertions(+), 7 deletions(-)
diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/SsoLoginCallbackHandler.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/SsoLoginCallbackHandler.java
index 30efb713d5..7ea6ab8e13 100644
--- a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/SsoLoginCallbackHandler.java
+++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/SsoLoginCallbackHandler.java
@@ -48,6 +48,12 @@ public class SsoLoginCallbackHandler extends HttpServlet {
 @Override
 protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
 String code = req.getParameter("code");
+ try{
+ String token = req.getParameter("token");
+ System.out.println(token);
+ }catch(Exception e){
+ System.out.println("meka nemei oi");
+ }
 HttpSession session = req.getSession(false);
 String iotsCoreUrl = req.getScheme() + HandlerConstants.SCHEME_SEPARATOR + System.getProperty(HandlerConstants.IOT_CORE_HOST_ENV_VAR)
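Review bot: The block added at the top of doGet prints the `token` request parameter with `System.out.println(token)`, so whatever a caller sends in that parameter is written to the server's standard output, and `token` is not used again in the visible lines. `getParameter` is not expected to throw here, so the try/catch only adds a second stdout message (`"meka nemei oi"`) and would hide the exception if one did occur. I would delete the six added lines; if the value is needed later, read it where it is used and keep it out of the logs. doGet continues past the end of this hunk.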
@@ -93,6 +99,10 @@ public class SsoLoginCallbackHandler extends HttpServlet {
 authData.setRefreshToken(jTokenResultAsJsonObject.get("refresh_token").getAsString());
 authData.setScope(jTokenResultAsJsonObject.get("scope").getAsString());
 session.setAttribute(HandlerConstants.SESSION_AUTH_DATA_KEY, authData);
+ HttpSession httpSession = req.getSession(false);
+// String unformatedToken = jTokenResultAsJsonObject.get("id_token").getAsString();
+// httpSession.setAttribute("idToken",unformatedToken.substring(1, unformatedToken.length() - 1));
+ httpSession.setAttribute("code",code);
 resp.sendRedirect(session.getAttribute("redirectUrl").toString());
 }
 }
diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/SsoLogoutHandler.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/SsoLogoutHandler.java
index 0e46e759f6..5e05f81573 100644
--- a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/SsoLogoutHandler.java
+++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/SsoLogoutHandler.java
@@ -22,8 +22,13 @@ import io.entgra.ui.request.interceptor.util.HandlerConstants;
 import io.entgra.ui.request.interceptor.util.HandlerUtil;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.apache.http.HttpHeaders;
 import org.apache.http.HttpStatus;
 import io.entgra.ui.request.interceptor.beans.ProxyResponse;
+import org.apache.http.client.methods.HttpGet;
+import org.apache.http.client.methods.HttpPost;
+import org.apache.http.entity.ContentType;
+import org.apache.http.entity.StringEntity;
 import javax.servlet.annotation.MultipartConfig;
 import javax.servlet.annotation.WebServlet;
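Review bot: `httpSession.setAttribute("code",code)` keeps the authorization code in the session after it has apparently already been exchanged for the tokens stored in `authData` just above, and the SsoLogoutHandler change in this patch later puts that value into a redirect URL. The commented-out `id_token` lines suggest the ID token was the intended logout hint, so which value the logout endpoint expects should be settled before anything is stored. `req.getSession(false)` is also called a second time although `session` is already in scope; the line can be `session.setAttribute("code", code);` with the two commented lines dropped. The enclosing method starts outside the hunk.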
@@ -40,23 +45,55 @@ public class SsoLogoutHandler extends HttpServlet {
 private static final Log log = LogFactory.getLog(SsoLogoutHandler.class);
 protected void doPost(HttpServletRequest req, HttpServletResponse resp) {
- for (String path : HandlerConstants.SSO_LOGOUT_COOKIE_PATHS) {
- removeCookie(HandlerConstants.JSESSIONID_KEY, path, resp);
- }
- removeCookie(HandlerConstants.COMMON_AUTH_ID_KEY, "/", resp);
+// for (String path : HandlerConstants.SSO_LOGOUT_COOKIE_PATHS) {
+// removeCookie(HandlerConstants.JSESSIONID_KEY, path, resp);
+// }
+// removeCookie(HandlerConstants.COMMON_AUTH_ID_KEY, "/", resp);
 ProxyResponse proxyResponse = new ProxyResponse();
 proxyResponse.setStatus(ProxyResponse.Status.SUCCESS);
 proxyResponse.setCode(HttpStatus.SC_OK);
 HttpSession session = req.getSession(false);
+ String clientId = null;
+ String code = null;
 if (session != null) {
- session.invalidate();
+ clientId = (String) session.getAttribute("clientId");
+ code = (String) session.getAttribute("code");
+ System.out.println(code);
+// session.invalidate();
 }
 try {
- HandlerUtil.handleSuccess(resp, proxyResponse);
+// String redirect = "https://localhost:9443/oidc/logout?response_type=code&client_id=" + clientId +"&state&scope=openid&redirect_uri=" + "https://localhost:9443/commonauth";
+ String redirect = "https://localhost:9443/oidc/logout"+
+ "?code=" + code +
+// "?id_token_hint=" + code +
+ "&post_logout_redirect_uri=" + "https://localhost:9443/commonauth";
+ System.out.println(redirect);
+ System.out.println("\n\n\n");
+ System.out.println(code);
+ if(session!=null){
+ session.invalidate();
+ }
+
+// resp.sendRedirect("https://localhost:9443/oidc/logout"+
+// "?id_token_hint=" + code+"&post_logout_redirect_uri=https://localhost:9443/commonauth");
+// HttpGet getApplicationEndpoint = new HttpGet(redirect);
+// ProxyResponse getApplicationResponse = HandlerUtil.execute(getApplicationEndpoint);
+// System.out.println(getApplicationResponse.getCode());
+// HttpGet getApplicationEndpoint2 = new HttpGet("https://api.asgardeo.io/t/noobie/oidc/logout");
+// ProxyResponse getApplicationResponse2 = HandlerUtil.execute(getApplicationEndpoint2);
+// System.out.println(getApplicationResponse2);
+ resp.sendRedirect(redirect);
+ return;
 } catch (IOException e) {
- log.error("Error occurred when processing logout request.", e);
+// } catch (Exception e) {
+ log.error("123 bumble bee");
 }
+// try {
+// HandlerUtil.handleSuccess(resp, proxyResponse);
+// } catch (IOException e) {
+// log.error("Error occurred when processing logout request.", e);
+// }
 }
 private static void removeCookie(String cookieName,String path, HttpServletResponse response) {
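Review bot: The redirect built in doPost's try block concatenates the session's `code` value into the URL without encoding or a null check, so a request that arrives without a session is redirected to `...?code=null`, and both the logout endpoint and the post-logout URI are hard-coded to `https://localhost:9443`. The `System.out.println` calls write that code and the full URL to standard output, and the catch now logs `"123 bumble bee"` without the exception, so a failed redirect leaves no usable diagnostic. The commented-out `id_token_hint` line suggests the parameter is still undecided; OIDC RP-initiated logout defines `id_token_hint` rather than `code`, so this should be confirmed against the identity provider. With the cookie removal commented out, `removeCookie` looks unused as far as the visible lines show, and `clientId` is read but not used in active code. A possible shape for the try block is below.

```java
        try {
            // … unchanged: session.invalidate() behind the session != null check …
            if (code == null) {
                // Nothing to hand to the IdP: answer as before rather than redirecting with "code=null".
                HandlerUtil.handleSuccess(resp, proxyResponse);
                return;
            }
            // logoutBase and postLogoutUri are placeholders for values read from deployment configuration.
            String redirect = logoutBase
                    + "?code=" + java.net.URLEncoder.encode(code, "UTF-8")
                    + "&post_logout_redirect_uri=" + java.net.URLEncoder.encode(postLogoutUri, "UTF-8");
            resp.sendRedirect(redirect);
        } catch (IOException e) {
            log.error("Error occurred when processing logout request.", e);
        }
```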