You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2017/08/18 10:24:03 UTC
[1/2] cxf-fediz git commit: And adding some logging to
BackChannelLogoutHandler as suggested by Ievgen
Repository: cxf-fediz
Updated Branches:
refs/heads/master d9b9c95dc -> b558426c3
And adding some logging to BackChannelLogoutHandler as suggested by Ievgen
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/b558426c
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/b558426c
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/b558426c
Branch: refs/heads/master
Commit: b558426c378967b8cbe970ffaf7ba40800874442
Parents: 72e748d
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Fri Aug 18 11:19:29 2017 +0100
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Fri Aug 18 11:23:46 2017 +0100
----------------------------------------------------------------------
.../service/oidc/logout/BackChannelLogoutHandler.java | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/b558426c/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/BackChannelLogoutHandler.java
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/BackChannelLogoutHandler.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/BackChannelLogoutHandler.java
index f97e642..5d1b50f 100644
--- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/BackChannelLogoutHandler.java
+++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/BackChannelLogoutHandler.java
@@ -24,11 +24,14 @@ import java.util.List;
import java.util.Set;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
+import java.util.logging.Logger;
import javax.ws.rs.core.Form;
+import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.common.util.Base64UrlUtility;
import org.apache.cxf.jaxrs.client.WebClient;
+import org.apache.cxf.jaxrs.utils.ExceptionUtils;
import org.apache.cxf.rs.security.jose.jwt.JoseJwtProducer;
import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
import org.apache.cxf.rs.security.jose.jwt.JwtToken;
@@ -40,6 +43,8 @@ import org.apache.cxf.rs.security.oidc.idp.OidcUserSubject;
import org.apache.cxf.rt.security.crypto.CryptoUtils;
public class BackChannelLogoutHandler extends JoseJwtProducer {
+ private static final Logger LOG = LogUtils.getL7dLogger(BackChannelLogoutHandler.class);
+
private static final String BACK_CHANNEL_LOGOUT_URI = "backchannel_logout_uri";
private static final String LOGOUT_TOKEN = "logout_token";
private static final String EVENTS_PROPERTY = "events";
@@ -72,8 +77,8 @@ public class BackChannelLogoutHandler extends JoseJwtProducer {
}
- private void submitBackChannelLogoutRequest(Client client, OidcUserSubject subject,
- IdToken idTokenHint, String uri) {
+ private void submitBackChannelLogoutRequest(final Client client, final OidcUserSubject subject,
+ final IdToken idTokenHint, final String uri) {
// Application context is expected to contain HttpConduit HTTPS configuration
final WebClient wc = WebClient.create(uri);
IdToken idToken = idTokenHint != null ? idTokenHint : subject.getIdToken();
@@ -93,7 +98,9 @@ public class BackChannelLogoutHandler extends JoseJwtProducer {
try {
wc.form(new Form().param(LOGOUT_TOKEN, logoutToken));
} catch (Exception ex) {
- // nothing else can be done
+ LOG.info(String.format("Back channel request to %s to log out %s from client %s has failed",
+ uri, subject.getLogin(), client.getClientId()));
+ LOG.fine(String.format("%s connection failure", ExceptionUtils.getStackTrace(ex)));
}
}
[2/2] cxf-fediz git commit: Fixing a typo in BackChannelLogoutHandler
as spotted by Ievgen Tarasov
Posted by se...@apache.org.
Fixing a typo in BackChannelLogoutHandler as spotted by Ievgen Tarasov
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/72e748dc
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/72e748dc
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/72e748dc
Branch: refs/heads/master
Commit: 72e748dc8e3841d5583f50cf826d4a55f8a820a9
Parents: d9b9c95
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Fri Aug 18 10:47:05 2017 +0100
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Fri Aug 18 11:23:46 2017 +0100
----------------------------------------------------------------------
.../cxf/fediz/service/oidc/logout/BackChannelLogoutHandler.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/72e748dc/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/BackChannelLogoutHandler.java
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/BackChannelLogoutHandler.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/BackChannelLogoutHandler.java
index 0c417b6..f97e642 100644
--- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/BackChannelLogoutHandler.java
+++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/BackChannelLogoutHandler.java
@@ -53,7 +53,7 @@ public class BackChannelLogoutHandler extends JoseJwtProducer {
// to check the access tokens - it can not offer a complete solution, for ex
// in cases when ATs have expired or been revoked or Implicit id_token flow is used.
// Most likely a 'visited sites' cookie as suggested by the spec will need to be used.
- List<ServerAccessToken> accessTokens = dataProvider.getAccessTokens(client, subject);
+ List<ServerAccessToken> accessTokens = dataProvider.getAccessTokens(null, subject);
Set<String> processedClients = new HashSet<String>();
for (ServerAccessToken at : accessTokens) {
Client atClient = at.getClient();