author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-06-13 14:05:47 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-06-13 14:05:47 +0200 |
commit | 39d7088511d0959a9453112b5471c1cf9fd99d88 (patch) | |
tree | c8b90b80927db9f21d12b1193c0bb56323072e39 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java | |
parent | 72b7bf07c9c070bc8aa4020568c849cb749c0dd8 (diff) | |
add timeout to frontchannel SLO
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java | 85 |
1 files changed, 83 insertions, 2 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java
index 536f3ee04..a7ec4dcb6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java
@@ -29,17 +29,26 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import org.apache.velocity.VelocityContext;
+import org.opensaml.saml2.core.LogoutResponse;
+import org.opensaml.saml2.metadata.SingleLogoutService;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.data.SLOInformationContainer;
 import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
 import at.gv.egovernment.moa.id.moduls.SSOManager;
+import at.gv.egovernment.moa.id.protocols.pvp2x.builder.SingleLogOutBuilder;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NOSLOServiceDescriptorException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMetadataInformationException;
 import at.gv.egovernment.moa.id.storage.AssertionStorage;
 import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
 import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
+import at.gv.egovernment.moa.id.util.Random;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
+import at.gv.egovernment.moa.util.URLEncoder;
 /**
 * @author tlenz
@@ -55,6 +64,8 @@ public class IDPSingleLogOutServlet extends AuthServlet { SSOManager ssomanager = SSOManager.getInstance(); String ssoid = ssomanager.getSSOSessionID(req); + Object restartProcessObj = req.getParameter(PARAM_SLORESTART); + Object tokkenObj = req.getParameter(PARAM_SLOSTATUS); String tokken = null; String status = null; 
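Review bot: `req.getParameter` already returns a `String` (or null), so holding the restart parameter as `Object` only forces the `instanceof String` test and cast in the later branch. Declaring it as `String restartProcess = req.getParameter(PARAM_SLORESTART);` lets that branch check `MiscUtil.isNotEmpty(restartProcess)` directly. A one-line comment saying that this request-supplied value is later used as the lookup key into `AssertionStorage` would also help the next reader treat it as untrusted input. The enclosing method starts and ends outside this hunk.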
@@ -111,17 +122,87 @@ public class IDPSingleLogOutServlet extends AuthServlet { e.printStackTrace(); } } + } + + } else if (restartProcessObj != null && restartProcessObj instanceof String) { + String restartProcess = (String) restartProcessObj; + if (MiscUtil.isNotEmpty(restartProcess)) { + Logger.info("Restart Single LogOut process after timeout ... "); + try { + SLOInformationContainer sloContainer = AssertionStorage.getInstance().get(restartProcess, SLOInformationContainer.class); + if (sloContainer.hasFrontChannelOA()) + sloContainer.putFailedOA("differntent OAs"); + + String redirectURL = null; + if (sloContainer.getSloRequest() != null) { + //send SLO response to SLO request issuer + SingleLogoutService sloService = SingleLogOutBuilder.getResponseSLODescriptor(sloContainer.getSloRequest()); + LogoutResponse message = SingleLogOutBuilder.buildSLOResponseMessage(sloService, sloContainer.getSloRequest(), sloContainer.getSloFailedOAs()); + redirectURL = SingleLogOutBuilder.getFrontChannelSLOMessageURL(sloService, message, req, resp, sloContainer.getSloRequest().getRequest().getRelayState()); + + } else { + //print SLO information directly + redirectURL = AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/idpSingleLogout"; + + String artifact = Random.nextRandom(); + + String statusCode = null; + if (sloContainer.getSloFailedOAs() == null || + sloContainer.getSloFailedOAs().size() == 0) + statusCode = SLOSTATUS_SUCCESS; + else + statusCode = SLOSTATUS_ERROR; + + AssertionStorage.getInstance().put(artifact, statusCode); + redirectURL = addURLParameter(redirectURL, PARAM_SLOSTATUS, artifact); + + } + //redirect to Redirect Servlet + String url = AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/RedirectServlet"; + url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(redirectURL, "UTF-8")); + url = resp.encodeRedirectURL(url); + + resp.setContentType("text/html"); + resp.setStatus(302); + 
resp.addHeader("Location", url); + return; + + } catch (MOADatabaseException e) { + Logger.info("Find no SLO information with processingID " + + restartProcess); + + } catch (NoMetadataInformationException e) { + Logger.warn("Build SLO respone FAILED.", e); + + } catch (NOSLOServiceDescriptorException e) { + Logger.warn("Build SLO respone FAILED.", e); + + } catch (MOAIDException e) { + Logger.warn("Build SLO respone FAILED.", e); + + } + + VelocityContext context = new VelocityContext(); + context.put("errorMsg", + MOAIDMessageProvider.getInstance().getMessage("slo.01", null)); + + try { + ssomanager.printSingleLogOutInfo(context, resp); + + } catch (MOAIDException e) { + e.printStackTrace(); + } + return; } } VelocityContext context = new VelocityContext(); context.put("successMsg", MOAIDMessageProvider.getInstance().getMessage("slo.02", null)); - try { + try { ssomanager.printSingleLogOutInfo(context, resp); } catch (MOAIDException e) { - // TODO Auto-generated catch block e.printStackTrace(); } |
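Review bot: The `PARAM_SLORESTART` value comes straight from the request and is concatenated into the log line in the `MOADatabaseException` handler, so a caller can embed line breaks and forge log entries. Log a neutralised value instead, e.g. `Logger.info("Find no SLO information with processingID " + restartProcess.replaceAll("[\\r\\n]", "_"));`. That same value is the only thing selecting the stored `SLOInformationContainer`, and nothing visible in this branch invalidates the entry after the response is built, so the restart URL looks replayable until the storage entry expires. Consider removing the entry once it has been consumed, unless `AssertionStorage.get` already does that. The `e.printStackTrace()` calls would be better routed through `Logger.warn(..., e)` like the neighbouring handlers; the enclosing method starts before this hunk and continues after it.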