You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cxf.apache.org by se...@apache.org on 2017/08/18 10:24:03 UTC

[1/2] cxf-fediz git commit: And adding some logging to BackChannelLogoutHandler as suggested by Ievgen

Repository: cxf-fediz
Updated Branches:
  refs/heads/master d9b9c95dc -> b558426c3


And adding some logging to BackChannelLogoutHandler as suggested by Ievgen


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/b558426c
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/b558426c
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/b558426c

Branch: refs/heads/master
Commit: b558426c378967b8cbe970ffaf7ba40800874442
Parents: 72e748d
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Fri Aug 18 11:19:29 2017 +0100
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Fri Aug 18 11:23:46 2017 +0100

----------------------------------------------------------------------
 .../service/oidc/logout/BackChannelLogoutHandler.java  | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/b558426c/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/BackChannelLogoutHandler.java
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/BackChannelLogoutHandler.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/BackChannelLogoutHandler.java
index f97e642..5d1b50f 100644
--- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/BackChannelLogoutHandler.java
+++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/BackChannelLogoutHandler.java
@@ -24,11 +24,14 @@ import java.util.List;
 import java.util.Set;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.Executors;
+import java.util.logging.Logger;
 
 import javax.ws.rs.core.Form;
 
+import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.common.util.Base64UrlUtility;
 import org.apache.cxf.jaxrs.client.WebClient;
+import org.apache.cxf.jaxrs.utils.ExceptionUtils;
 import org.apache.cxf.rs.security.jose.jwt.JoseJwtProducer;
 import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
 import org.apache.cxf.rs.security.jose.jwt.JwtToken;
@@ -40,6 +43,8 @@ import org.apache.cxf.rs.security.oidc.idp.OidcUserSubject;
 import org.apache.cxf.rt.security.crypto.CryptoUtils;
 
 public class BackChannelLogoutHandler extends JoseJwtProducer {
+    private static final Logger LOG = LogUtils.getL7dLogger(BackChannelLogoutHandler.class);
+
     private static final String BACK_CHANNEL_LOGOUT_URI = "backchannel_logout_uri";
     private static final String LOGOUT_TOKEN = "logout_token";
     private static final String EVENTS_PROPERTY = "events";
@@ -72,8 +77,8 @@ public class BackChannelLogoutHandler extends JoseJwtProducer {
 
     }
 
-    private void submitBackChannelLogoutRequest(Client client, OidcUserSubject subject,
-            IdToken idTokenHint, String uri) {
+    private void submitBackChannelLogoutRequest(final Client client, final OidcUserSubject subject,
+            final IdToken idTokenHint, final String uri) {
         // Application context is expected to contain HttpConduit HTTPS configuration
         final WebClient wc = WebClient.create(uri);
         IdToken idToken = idTokenHint != null ? idTokenHint : subject.getIdToken(); 
@@ -93,7 +98,9 @@ public class BackChannelLogoutHandler extends JoseJwtProducer {
                 try {
                     wc.form(new Form().param(LOGOUT_TOKEN, logoutToken));
                 } catch (Exception ex) {
-                    // nothing else can be done
+                    LOG.info(String.format("Back channel request to %s to log out %s from client %s has failed",
+                        uri, subject.getLogin(), client.getClientId()));
+                    LOG.fine(String.format("%s connection failure", ExceptionUtils.getStackTrace(ex)));
                 }
             }

[2/2] cxf-fediz git commit: Fixing a typo in BackChannelLogoutHandler as spotted by Ievgen Tarasov

Posted by se...@apache.org.

Fixing a typo in BackChannelLogoutHandler as spotted by Ievgen Tarasov


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/72e748dc
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/72e748dc
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/72e748dc

Branch: refs/heads/master
Commit: 72e748dc8e3841d5583f50cf826d4a55f8a820a9
Parents: d9b9c95
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Fri Aug 18 10:47:05 2017 +0100
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Fri Aug 18 11:23:46 2017 +0100

----------------------------------------------------------------------
 .../cxf/fediz/service/oidc/logout/BackChannelLogoutHandler.java    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/72e748dc/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/BackChannelLogoutHandler.java
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/BackChannelLogoutHandler.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/BackChannelLogoutHandler.java
index 0c417b6..f97e642 100644
--- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/BackChannelLogoutHandler.java
+++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/BackChannelLogoutHandler.java
@@ -53,7 +53,7 @@ public class BackChannelLogoutHandler extends JoseJwtProducer {
         // to check the access tokens - it can not offer a complete solution, for ex
         // in cases when ATs have expired or been revoked or Implicit id_token flow is used.
         // Most likely a 'visited sites' cookie as suggested by the spec will need to be used.
-        List<ServerAccessToken> accessTokens = dataProvider.getAccessTokens(client,  subject);
+        List<ServerAccessToken> accessTokens = dataProvider.getAccessTokens(null,  subject);
         Set<String> processedClients = new HashSet<String>();
         for (ServerAccessToken at : accessTokens) {
             Client atClient = at.getClient();