authorThomas Lenz <tlenz@iaik.tugraz.at>2014-06-13 14:05:47 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2014-06-13 14:05:47 +0200
commit39d7088511d0959a9453112b5471c1cf9fd99d88 (patch)
treec8b90b80927db9f21d12b1193c0bb56323072e39 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java
parent72b7bf07c9c070bc8aa4020568c849cb749c0dd8 (diff)
add timeout to frontchannel SLO
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java85
1 files changed, 83 insertions, 2 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java
index 536f3ee04..a7ec4dcb6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java
@@ -29,17 +29,26 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.velocity.VelocityContext;
+import org.opensaml.saml2.core.LogoutResponse;
+import org.opensaml.saml2.metadata.SingleLogoutService;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.data.SLOInformationContainer;
import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
import at.gv.egovernment.moa.id.moduls.SSOManager;
+import at.gv.egovernment.moa.id.protocols.pvp2x.builder.SingleLogOutBuilder;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NOSLOServiceDescriptorException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMetadataInformationException;
import at.gv.egovernment.moa.id.storage.AssertionStorage;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
+import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
+import at.gv.egovernment.moa.util.URLEncoder;
/**
* @author tlenz
@@ -55,6 +64,8 @@ public class IDPSingleLogOutServlet extends AuthServlet {
SSOManager ssomanager = SSOManager.getInstance();
String ssoid = ssomanager.getSSOSessionID(req);
+ Object restartProcessObj = req.getParameter(PARAM_SLORESTART);
+
Object tokkenObj = req.getParameter(PARAM_SLOSTATUS);
String tokken = null;
String status = null;
@@ -111,17 +122,87 @@ public class IDPSingleLogOutServlet extends AuthServlet {
e.printStackTrace();
}
}
+ }
+
+ } else if (restartProcessObj != null && restartProcessObj instanceof String) {
+ String restartProcess = (String) restartProcessObj;
+ if (MiscUtil.isNotEmpty(restartProcess)) {
+ Logger.info("Restart Single LogOut process after timeout ... ");
+ try {
+ SLOInformationContainer sloContainer = AssertionStorage.getInstance().get(restartProcess, SLOInformationContainer.class);
+ if (sloContainer.hasFrontChannelOA())
+ sloContainer.putFailedOA("differntent OAs");
+
+ String redirectURL = null;
+ if (sloContainer.getSloRequest() != null) {
+ //send SLO response to SLO request issuer
+ SingleLogoutService sloService = SingleLogOutBuilder.getResponseSLODescriptor(sloContainer.getSloRequest());
+ LogoutResponse message = SingleLogOutBuilder.buildSLOResponseMessage(sloService, sloContainer.getSloRequest(), sloContainer.getSloFailedOAs());
+ redirectURL = SingleLogOutBuilder.getFrontChannelSLOMessageURL(sloService, message, req, resp, sloContainer.getSloRequest().getRequest().getRelayState());
+
+ } else {
+ //print SLO information directly
+ redirectURL = AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/idpSingleLogout";
+
+ String artifact = Random.nextRandom();
+
+ String statusCode = null;
+ if (sloContainer.getSloFailedOAs() == null ||
+ sloContainer.getSloFailedOAs().size() == 0)
+ statusCode = SLOSTATUS_SUCCESS;
+ else
+ statusCode = SLOSTATUS_ERROR;
+
+ AssertionStorage.getInstance().put(artifact, statusCode);
+ redirectURL = addURLParameter(redirectURL, PARAM_SLOSTATUS, artifact);
+
+ }
+ //redirect to Redirect Servlet
+ String url = AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/RedirectServlet";
+ url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(redirectURL, "UTF-8"));
+ url = resp.encodeRedirectURL(url);
+
+ resp.setContentType("text/html");
+ resp.setStatus(302);
+ resp.addHeader("Location", url);
+ return;
+
+ } catch (MOADatabaseException e) {
+ Logger.info("Find no SLO information with processingID "
+ + restartProcess);
+
+ } catch (NoMetadataInformationException e) {
+ Logger.warn("Build SLO respone FAILED.", e);
+
+ } catch (NOSLOServiceDescriptorException e) {
+ Logger.warn("Build SLO respone FAILED.", e);
+
+ } catch (MOAIDException e) {
+ Logger.warn("Build SLO respone FAILED.", e);
+
+ }
+
+ VelocityContext context = new VelocityContext();
+ context.put("errorMsg",
+ MOAIDMessageProvider.getInstance().getMessage("slo.01", null));
+
+ try {
+ ssomanager.printSingleLogOutInfo(context, resp);
+
+ } catch (MOAIDException e) {
+ e.printStackTrace();
+ }
+ return;
}
}
VelocityContext context = new VelocityContext();
context.put("successMsg",
MOAIDMessageProvider.getInstance().getMessage("slo.02", null));
- try {
+ try {
ssomanager.printSingleLogOutInfo(context, resp);
} catch (MOAIDException e) {
- // TODO Auto-generated catch block
e.printStackTrace();
}
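Review bot: In the new `restartProcessObj` branch the `restartProcess` request parameter is the only thing that selects the stored `SLOInformationContainer`. Nothing visible in the hunk compares it with the caller's SSO session (`ssoid`) or deletes the entry after `AssertionStorage.getInstance().get(...)`, so the same restart link may stay usable until the entry expires. It is worth confirming how `AssertionStorage` expires entries and, if it does not delete on read, removing the container once it has been consumed. The same parameter is written unmodified to the log in the `MOADatabaseException` handler; neutralise line breaks first, e.g. `Logger.info("Find no SLO information with processingID " + restartProcess.replaceAll("[\\r\\n]", "_"));`. The new error path also ends in `e.printStackTrace()`, where `Logger.warn("Print SLO information FAILED.", e);` would keep the failure in the application log like the catches above it. The enclosing method starts outside the hunk.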