From a8a3b2d774b753ed41e136da7ab15e6840b1b3a8 Mon Sep 17 00:00:00 2001
From: Phan Huy Tran
Date: Thu, 13 Feb 2025 12:54:23 +0100
Subject: [PATCH] chore: remove unused logout handler
---
.../security/KeycloakLogoutHandler.java | 48 -------------------
.../security/KeycloakSecurityConfig.java | 17 ++-----
2 files changed, 4 insertions(+), 61 deletions(-)
delete mode 100644 backend/src/main/java/de/szut/casino/security/KeycloakLogoutHandler.java
diff --git a/backend/src/main/java/de/szut/casino/security/KeycloakLogoutHandler.java b/backend/src/main/java/de/szut/casino/security/KeycloakLogoutHandler.java
deleted file mode 100644
index 5e08794..0000000
--- a/backend/src/main/java/de/szut/casino/security/KeycloakLogoutHandler.java
+++ /dev/null
@@ -1,48 +0,0 @@
-package de.szut.casino.security;
-
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.http.ResponseEntity;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.oauth2.core.oidc.user.OidcUser;
-import org.springframework.security.web.authentication.logout.LogoutHandler;
-import org.springframework.stereotype.Component;
-import org.springframework.web.client.RestTemplate;
-import org.springframework.web.util.UriComponentsBuilder;
-
-@Slf4j
-@Component
-public class KeycloakLogoutHandler implements LogoutHandler {
-
-
- private final RestTemplate restTemplate;
-
- public KeycloakLogoutHandler(RestTemplate restTemplate) {
- this.restTemplate = restTemplate;
- }
-
- @Override
- public void logout(HttpServletRequest request, HttpServletResponse response, Authentication auth) {
- logout(request, auth);
- }
-
- public void logout(HttpServletRequest request, Authentication auth) {
- logoutFromKeycloak((OidcUser) auth.getPrincipal());
- }
-
- private void logoutFromKeycloak(OidcUser user) {
- String endSessionEndpoint = user.getIssuer() + "/protocol/openid-connect/logout";
- UriComponentsBuilder builder = UriComponentsBuilder
- .fromUriString(endSessionEndpoint)
- .queryParam("id_token_hint", user.getIdToken().getTokenValue());
-
- ResponseEntity logoutResponse = restTemplate.getForEntity(builder.toUriString(), String.class);
- if (logoutResponse.getStatusCode().is2xxSuccessful()) {
- log.info("Successfulley logged out from Keycloak");
- } else {
- log.error("Could not propagate logout to Keycloak");
- }
- }
-
-}
diff --git a/backend/src/main/java/de/szut/casino/security/KeycloakSecurityConfig.java b/backend/src/main/java/de/szut/casino/security/KeycloakSecurityConfig.java
index 8ddcbcb..0654bb6 100644
--- a/backend/src/main/java/de/szut/casino/security/KeycloakSecurityConfig.java
+++ b/backend/src/main/java/de/szut/casino/security/KeycloakSecurityConfig.java
@@ -14,7 +14,6 @@ import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy;
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
import org.springframework.security.web.session.HttpSessionEventPublisher;
-import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import java.util.ArrayList;
import java.util.List;
@@ -24,16 +23,9 @@ import java.util.Map;
@EnableWebSecurity
class KeycloakSecurityConfig {
- private static final String GROUPS = "groups";
private static final String REALM_ACCESS_CLAIM = "realm_access";
private static final String ROLES_CLAIM = "roles";
- private final KeycloakLogoutHandler keycloakLogoutHandler;
-
- KeycloakSecurityConfig(KeycloakLogoutHandler keycloakLogoutHandler) {
- this.keycloakLogoutHandler = keycloakLogoutHandler;
- }
-
@Bean
public SessionRegistry sessionRegistry() {
return new SessionRegistryImpl();
@@ -49,11 +41,10 @@ class KeycloakSecurityConfig {
return new HttpSessionEventPublisher();
}
-
@Bean
public SecurityFilterChain resourceServerFilterChain(HttpSecurity http) throws Exception {
http.authorizeHttpRequests(auth -> auth
- .requestMatchers("/swagger", "/swagger-ui/**", "/v3/api-docs/**", "/health").permitAll()
+ .requestMatchers("/swagger", "/swagger-ui/**", "/v3/api-docs/**", "health").permitAll()
.anyRequest().authenticated()
)
.oauth2ResourceServer(spec -> spec.jwt(Customizer.withDefaults()));
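Review bot: The permit-all list in `resourceServerFilterChain` now has `"health"` without its leading slash, which looks like an accidental edit in a commit described as only removing the unused logout handler. Servlet request paths start with `/`, so this pattern is not expected to match `/health`. Depending on the Spring Security version, the pattern may be rejected at configuration time, or the request may fall through to `.anyRequest().authenticated()` so that unauthenticated health probes get a 401. Restore the original line, `.requestMatchers("/swagger", "/swagger-ui/**", "/v3/api-docs/**", "/health").permitAll()`, and if the change was intentional, make it a separate commit that says so. The method body continues outside the hunk.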
@@ -67,9 +58,9 @@ class KeycloakSecurityConfig {
jwtAuthenticationConverter.setJwtGrantedAuthoritiesConverter(jwt -> {
List grantedAuthorities = new ArrayList<>();
- Map realmAccess = jwt.getClaim("realm_access");
- if (realmAccess != null && realmAccess.containsKey("roles")) {
- List roles = (List) realmAccess.get("roles");
+ Map realmAccess = jwt.getClaim(REALM_ACCESS_CLAIM);
+ if (realmAccess != null && realmAccess.containsKey(ROLES_CLAIM)) {
+ List roles = (List) realmAccess.get(ROLES_CLAIM);
for (String role : roles) {
grantedAuthorities.add(new SimpleGrantedAuthority("ROLE_" + role));
}