io.micronaut.security.token.cookie.TokenCookieClearerLogoutHandler Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of micronaut-security Show documentation
Show all versions of micronaut-security Show documentation
Official Security Solution for Micronaut
/*
* Copyright 2017-2023 original authors
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package io.micronaut.security.token.cookie;
import io.micronaut.context.annotation.Requires;
import io.micronaut.core.annotation.Nullable;
import io.micronaut.http.HttpRequest;
import io.micronaut.http.HttpResponse;
import io.micronaut.http.MutableHttpResponse;
import io.micronaut.http.cookie.Cookie;
import io.micronaut.http.cookie.CookieConfiguration;
import io.micronaut.http.cookie.SameSite;
import io.micronaut.security.authentication.CookieBasedAuthenticationModeCondition;
import io.micronaut.security.config.RedirectConfiguration;
import io.micronaut.security.config.RedirectService;
import io.micronaut.security.handlers.LogoutHandler;
import jakarta.inject.Singleton;
import java.net.URI;
import java.net.URISyntaxException;
/**
* Clears the cookie configured via {@link CookieLoginHandler}.
* @author Sergio del Amo
* @since 1.0
*/
@Requires(classes = { MutableHttpResponse.class, HttpRequest.class })
@Requires(condition = CookieBasedAuthenticationModeCondition.class)
@Singleton
public class TokenCookieClearerLogoutHandler implements LogoutHandler, MutableHttpResponse> {
@Nullable
protected final String logout;
protected final AccessTokenCookieConfiguration accessTokenCookieConfiguration;
protected final RefreshTokenCookieConfiguration refreshTokenCookieConfiguration;
/**
* @param accessTokenCookieConfiguration JWT Cookie Configuration
* @param refreshTokenCookieConfiguration Refresh token cookie configuration
* @param redirectConfiguration Redirect configuration
* @param redirectService Redirection Service
*/
public TokenCookieClearerLogoutHandler(AccessTokenCookieConfiguration accessTokenCookieConfiguration,
RefreshTokenCookieConfiguration refreshTokenCookieConfiguration,
RedirectConfiguration redirectConfiguration,
RedirectService redirectService) {
this.accessTokenCookieConfiguration = accessTokenCookieConfiguration;
this.refreshTokenCookieConfiguration = refreshTokenCookieConfiguration;
this.logout = redirectConfiguration.isEnabled() ? redirectService.logoutUrl() : null;
}
@Override
public MutableHttpResponse logout(HttpRequest request) {
try {
MutableHttpResponse response = logout == null ? HttpResponse.ok() : HttpResponse.seeOther(new URI(logout));
clearCookie(accessTokenCookieConfiguration, response, request.isSecure());
if (refreshTokenCookieConfiguration != null) {
clearCookie(refreshTokenCookieConfiguration, response, request.isSecure());
}
return response;
} catch (URISyntaxException var5) {
return HttpResponse.serverError();
}
}
private void clearCookie(CookieConfiguration cookieConfiguration, MutableHttpResponse response, boolean isSecure) {
Cookie cookie = Cookie.of(cookieConfiguration.getCookieName(), "");
cookie.configure(cookieConfiguration, isSecure);
cookie.maxAge(0);
response.cookie(cookie);
}
}