package de.szut.lf8_starter.security;
import lombok.extern.slf4j.Slf4j;
import org.springframework.http.ResponseEntity;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.core.oidc.user.OidcUser;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.springframework.stereotype.Component;
import org.springframework.web.client.RestClientException;
import org.springframework.web.client.RestTemplate;
import org.springframework.web.util.UriComponentsBuilder;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;

import java.net.URI;
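/**
 * Propagates a local logout to Keycloak by calling the OpenID Connect logout endpoint
 * of the issuer named in the current user's ID token.
 *
 * <p>The propagation is best-effort: a failed call is logged and does not abort the
 * local logout. When that happens the session at the identity provider may still be
 * active, so the error log line is worth monitoring.
 */
@Slf4j
@Component
public class KeycloakLogoutHandler implements LogoutHandler {

    private final RestTemplate restTemplate;

    /**
     * @param restTemplate HTTP client used for the server-side call to the logout endpoint
     */
    public KeycloakLogoutHandler(RestTemplate restTemplate) {
        this.restTemplate = restTemplate;
    }

    /**
     * Entry point called by Spring Security's logout handling; delegates to
     * {@link #logout(HttpServletRequest, Authentication)}.
     */
    @Override
    public void logout(HttpServletRequest request, HttpServletResponse response, Authentication auth) {
        logout(request, auth);
    }

    /**
     * Ends the Keycloak session of the authenticated OIDC user, if there is one.
     *
     * @param request the current request (not read here)
     * @param auth the current authentication; may be {@code null} when the logout
     *     request arrives without an authenticated session
     */
    public void logout(HttpServletRequest request, Authentication auth) {
        if (auth == null) {
            // Nothing to propagate: the request carried no authenticated session.
            return;
        }
        // Only OIDC logins carry an issuer and ID token; any other principal type
        // would previously have failed with a ClassCastException.
        if (auth.getPrincipal() instanceof OidcUser oidcUser) {
            logoutFromKeycloak(oidcUser);
        } else {
            log.warn("Principal is not an OIDC user; logout was not propagated to Keycloak");
        }
    }

    /**
     * Calls the issuer's logout endpoint with the user's ID token as {@code id_token_hint}.
     *
     * @param user the OIDC user whose issuer and ID token are used for the call
     */
    private void logoutFromKeycloak(OidcUser user) {
        // NOTE(review): the endpoint is derived from the ID token's issuer claim; this
        // presumes the token was validated at login against the configured provider.
        String endSessionEndpoint = user.getIssuer() + "/protocol/openid-connect/logout";

        // The ID token travels in the query string, so the full URL must never be
        // logged here, and access logs on intermediaries should be treated as sensitive.
        // NOTE(review): consider sending the hint in a POST body if the deployed
        // Keycloak version accepts it.
        //
        // A URI (not a String) is passed to RestTemplate: a String would be expanded
        // as a URI template and encoded a second time.
        URI logoutUri = UriComponentsBuilder
                .fromUriString(endSessionEndpoint)
                .queryParam("id_token_hint", user.getIdToken().getTokenValue())
                .build()
                .encode()
                .toUri();

        try {
            ResponseEntity<String> logoutResponse = restTemplate.getForEntity(logoutUri, String.class);
            if (logoutResponse.getStatusCode().is2xxSuccessful()) {
                log.info("Successfulley logged out from Keycloak");
            } else {
                log.error("Could not propagate logout to Keycloak");
            }
        } catch (RestClientException e) {
            // RestTemplate's default error handling throws on 4xx/5xx and on I/O
            // failures; without this catch the exception would escape the logout
            // handler and interrupt the local logout.
            log.error("Could not propagate logout to Keycloak", e);
        }
    }
}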