
Example 1 with OIDCSessionManagementException

use of org.wso2.carbon.identity.oidc.session.OIDCSessionManagementException in project identity-inbound-auth-oauth by wso2-extensions.

Source: class OIDCLogoutServlet, method handleLogoutResponseFromFramework.

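/**
 * Completes an OIDC logout once the authentication framework has returned from its logout flow.
 * The cached session data looked up by the framework's session data key drives the rest of the
 * work: a back-channel logout for the OP browser state, the post-logout handlers, removal of the
 * cached entry and of the OIDC session state, clearing of token binding elements, and the final
 * redirect to the post-logout redirect URI (or the default OIDC logout URL when the cache entry
 * carries none). A missing cache entry or a failing post-logout handler ends in a redirect to the
 * error page instead.
 *
 * @param request  the callback request from the framework, carrying
 *                 {@code FrameworkConstants.SESSION_DATA_KEY}
 * @param response the response used for the single redirect this method sends
 * @throws IOException if the redirect cannot be sent
 */
private void handleLogoutResponseFromFramework(HttpServletRequest request, HttpServletResponse response)
        throws IOException {

    String sessionDataKey = request.getParameter(FrameworkConstants.SESSION_DATA_KEY);
    OIDCSessionDataCacheEntry cacheEntry = getSessionDataFromCache(sessionDataKey);
    String obpsCookieValue = getOPBrowserState(request);
    String tenantDomain = OAuth2Util.resolveTenantDomain(request);

    if (cacheEntry == null) {
        // No cached session data for this key, so the logout cannot be completed.
        response.sendRedirect(getRedirectURL(getErrorPageURL(OAuth2ErrorCodes.SERVER_ERROR, "User logout failed"), request));
        return;
    }

    String clientId = cacheEntry.getParamMap().get(OIDCSessionConstants.OIDC_CACHE_CLIENT_ID_PARAM);
    if (log.isDebugEnabled()) {
        log.debug("Logout request received from client: " + clientId);
        if (StringUtils.isNotBlank(obpsCookieValue)) {
            OIDCSessionState sessionState = OIDCSessionManagementUtil.getSessionManager()
                    .getOIDCSessionState(obpsCookieValue, tenantDomain);
            if (sessionState != null) {
                log.debug("Logout request received for sessionId: " + sessionState.getSidClaim());
            }
        }
    }

    // BackChannel logout request.
    doBackChannelLogout(obpsCookieValue, tenantDomain);

    String redirectURL = cacheEntry.getPostLogoutRedirectUri();
    if (redirectURL == null) {
        redirectURL = OIDCSessionManagementUtil.getOIDCLogoutURL();
    }

    try {
        triggerLogoutHandlersForPostLogout(request, response);
    } catch (OIDCSessionManagementException e) {
        log.error("Error executing logout handlers on post logout.");
        if (log.isDebugEnabled()) {
            log.debug("Error executing logout handlers on post logout.", e);
        }
        response.sendRedirect(getRedirectURL(getErrorPageURL(OAuth2ErrorCodes.SERVER_ERROR, "User logout failed."), request));
        // The response is committed now; falling through to the success redirect below would
        // throw IllegalStateException. Cached entry and session state are left untouched on this
        // path, as before.
        return;
    }

    redirectURL = appendStateQueryParam(redirectURL, cacheEntry.getState());
    removeSessionDataFromCache(sessionDataKey);
    OIDCSessionManagementUtil.getSessionManager().removeOIDCSessionState(obpsCookieValue, tenantDomain);
    // Clear binding elements from the response.
    clearTokenBindingElements(clientId, request, response);
    response.sendRedirect(buildRedirectURLAfterLogout(redirectURL, request));
}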

Example 2 with OIDCSessionManagementException

use of org.wso2.carbon.identity.oidc.session.OIDCSessionManagementException in project identity-inbound-auth-oauth by wso2-extensions.

Source: class OIDCLogoutServlet, method sendToFrameworkForLogout.

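/**
 * Starts the logout flow by handing the request over to the authentication framework. Runs the
 * pre-logout handlers, builds an {@code AuthenticationRequest} carrying a fresh session data key,
 * the logout flag, the commonauth caller path, the relying party and tenant domain from the
 * cached session data (when present) and every header of the incoming request, caches it,
 * removes the OP browser state cookie and forwards to the framework. Failing pre-logout handlers
 * or an unbuildable caller path end in a redirect to the error page instead.
 *
 * @param request  the incoming OIDC logout request; expected to carry the OP browser state cookie
 * @param response the response used either for the forward to the framework or for an error redirect
 * @throws ServletException if forwarding to the framework fails
 * @throws IOException      if the redirect or the forward cannot be sent
 */
private void sendToFrameworkForLogout(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {

    try {
        triggerLogoutHandlersForPreLogout(request, response);
    } catch (OIDCSessionManagementException e) {
        log.error("Error executing logout handlers on pre logout.");
        if (log.isDebugEnabled()) {
            log.debug("Error executing logout handlers on pre logout.", e);
        }
        response.sendRedirect(getRedirectURL(getErrorPageURL(OAuth2ErrorCodes.SERVER_ERROR, "User logout failed."), request));
        // The response is committed; forwarding to the framework afterwards would fail.
        return;
    }

    // Generate a SessionDataKey. Authentication framework expects this parameter
    String sessionDataKey = UUID.randomUUID().toString();
    // NOTE(review): getValue() assumes the cookie is present; presumably the caller checked that
    // before reaching here — confirm against the caller.
    String opBrowserStateCookieValue = OIDCSessionManagementUtil.getOPBrowserStateCookie(request).getValue();

    // Add all parameters to authentication context before sending to authentication framework
    AuthenticationRequest authenticationRequest = new AuthenticationRequest();
    Map<String, String[]> queryParams = new HashMap<>();
    queryParams.put(OIDCSessionConstants.OIDC_SESSION_DATA_KEY_PARAM, new String[] { sessionDataKey });
    authenticationRequest.setRequestQueryParams(queryParams);
    authenticationRequest.addRequestQueryParam(FrameworkConstants.RequestParams.LOGOUT, new String[] { "true" });

    try {
        authenticationRequest.setCommonAuthCallerPath(
                ServiceURLBuilder.create().addPath(OIDC_LOGOUT_ENDPOINT).build().getRelativeInternalURL());
    } catch (URLBuilderException e) {
        log.error("Error building commonauth caller path to send logout request to framework.", e);
        response.sendRedirect(getRedirectURL(getErrorPageURL(OAuth2ErrorCodes.SERVER_ERROR, "User logout failed."), request));
        // Without a caller path the framework cannot return to this servlet; stop here rather
        // than forward a half-built request on a committed response.
        return;
    }
    authenticationRequest.setPost(true);

    OIDCSessionDataCacheEntry cacheEntry = getSessionDataFromCache(opBrowserStateCookieValue);
    if (cacheEntry != null) {
        authenticationRequest.setRelyingParty(cacheEntry.getParamMap().get(OIDCSessionConstants.OIDC_CACHE_CLIENT_ID_PARAM));
        authenticationRequest.setTenantDomain(cacheEntry.getParamMap().get(OIDCSessionConstants.OIDC_CACHE_TENANT_DOMAIN_PARAM));
        addOPBSCookieValueToCacheEntry(opBrowserStateCookieValue, cacheEntry);
        // Cache the entry under the new key so the framework callback can look it up by it.
        addSessionDataToCache(sessionDataKey, cacheEntry);
    }

    // Add headers to AuthenticationRequestContext
    for (Enumeration headerNames = request.getHeaderNames(); headerNames.hasMoreElements(); ) {
        String headerName = headerNames.nextElement().toString();
        authenticationRequest.addHeader(headerName, request.getHeader(headerName));
    }

    AuthenticationRequestCacheEntry authenticationRequestCacheEntry =
            new AuthenticationRequestCacheEntry(authenticationRequest);
    addAuthenticationRequestToRequest(request, authenticationRequestCacheEntry);
    OIDCSessionManagementUtil.removeOPBrowserStateCookie(request, response);
    sendRequestToFramework(request, response, sessionDataKey, FrameworkConstants.RequestType.CLAIM_TYPE_OIDC);
}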
