org.apereo.cas.support.pac4j.web.flow.DestroyTgtAndCookiesAction.terminate(RequestContext) - Code Metrics - Inspection of "WIP: Enhancements for PAC4J SAML Single Logout on..." - apereo/cas - Measure and Improve Code Quality continuously with Scrutinizer

Test Setup Failed

Pull Request — master (#3063)

unknown

created 2017-11-14 13:14 UTC

terminate(RequestContext) B

↳ Parent: org.apereo.cas.support.pac4j.web.flow.DestroyTgtAndCookiesAction

Complexity

Conditions

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
dl	0
loc	25
c	1
b	0
f	0
cc	4
rs	8.5806

package org.apereo.cas.support.pac4j.web.flow;

import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apereo.cas.CentralAuthenticationService;
import org.apereo.cas.configuration.model.core.logout.LogoutProperties;
import org.apereo.cas.logout.LogoutRequest;
import org.apereo.cas.web.flow.TerminateSessionAction;
import org.apereo.cas.web.support.CookieRetrievingCookieGenerator;
import org.apereo.cas.web.support.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.webflow.action.EventFactorySupport;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;

import com.google.common.base.Throwables;


/**
 * A light version of {@link TerminateSessionAction} that does NOT destroy the HTTP session, only destroys the TGT and cookies.
 * 
 * It is assumed that the session itself will be terminated in {@link TerminateSessionFlowExecutionListener}.
 * 
 * @author jkacer
 * 
 * @see TerminateSessionFlowExecutionListener
 * 
 * @since 5.2.0
 */
public class DestroyTgtAndCookiesAction extends TerminateSessionAction {

    private final Logger logger2 = LoggerFactory.getLogger(DestroyTgtAndCookiesAction.class);

    private final EventFactorySupport eventFactorySupport;
    private final CentralAuthenticationService centralAuthenticationService;
    private final CookieRetrievingCookieGenerator ticketGrantingTicketCookieGenerator;
    private final CookieRetrievingCookieGenerator warnCookieGenerator;


    public DestroyTgtAndCookiesAction(
            final CentralAuthenticationService centralAuthenticationService,
            final CookieRetrievingCookieGenerator tgtCookieGenerator,
            final CookieRetrievingCookieGenerator warnCookieGenerator,
            final LogoutProperties logoutProperties) {
        super(centralAuthenticationService, tgtCookieGenerator, warnCookieGenerator, logoutProperties);
        this.eventFactorySupport = new EventFactorySupport();
        this.centralAuthenticationService = centralAuthenticationService;
        this.ticketGrantingTicketCookieGenerator = tgtCookieGenerator;
        this.warnCookieGenerator = warnCookieGenerator;
    }


    @Override
    public Event terminate(final RequestContext context) {
        // in login's webflow : we can get the value from context as it has already been stored
        try {
            final HttpServletRequest request = WebUtils.getHttpServletRequestFromExternalWebflowContext(context);
            final HttpServletResponse response = WebUtils.getHttpServletResponseFromExternalWebflowContext(context);

            String tgtId = WebUtils.getTicketGrantingTicketId(context);
            // for logout, we need to get the cookie's value
            if (tgtId == null) {
                tgtId = this.ticketGrantingTicketCookieGenerator.retrieveCookieValue(request);
            }
            if (tgtId != null) {
                logger2.debug("Destroying SSO session linked to ticket-granting ticket [{}]", tgtId);
                final List<LogoutRequest> logoutRequests = this.centralAuthenticationService.destroyTicketGrantingTicket(tgtId);
                WebUtils.putLogoutRequests(context, logoutRequests);
            }
            logger2.debug("Removing CAS cookies");
            this.ticketGrantingTicketCookieGenerator.removeCookie(response);
            this.warnCookieGenerator.removeCookie(response);

            // Do NOT destroy the session here. Keep it.
            return this.eventFactorySupport.success(this);
        } catch (final Exception e) {
            throw Throwables.propagate(e);
        }
    }

}


1			package org.apereo.cas.support.pac4j.web.flow;
2
3			import java.util.List;
4
5			import javax.servlet.http.HttpServletRequest;
6			import javax.servlet.http.HttpServletResponse;
7
8			import org.apereo.cas.CentralAuthenticationService;
9			import org.apereo.cas.configuration.model.core.logout.LogoutProperties;
10			import org.apereo.cas.logout.LogoutRequest;
11			import org.apereo.cas.web.flow.TerminateSessionAction;
12			import org.apereo.cas.web.support.CookieRetrievingCookieGenerator;
13			import org.apereo.cas.web.support.WebUtils;
14			import org.slf4j.Logger;
15			import org.slf4j.LoggerFactory;
16			import org.springframework.webflow.action.EventFactorySupport;
17			import org.springframework.webflow.execution.Event;
18			import org.springframework.webflow.execution.RequestContext;
19
20			import com.google.common.base.Throwables;
21
22
23			/**
24			* A light version of {@link TerminateSessionAction} that does NOT destroy the HTTP session, only destroys the TGT and cookies.
25			*
26			* It is assumed that the session itself will be terminated in {@link TerminateSessionFlowExecutionListener}.
27			*
28			* @author jkacer
29			*
30			* @see TerminateSessionFlowExecutionListener
31			*
32			* @since 5.2.0
33			*/
34			public class DestroyTgtAndCookiesAction extends TerminateSessionAction {
35
36			private final Logger logger2 = LoggerFactory.getLogger(DestroyTgtAndCookiesAction.class);
37
38			private final EventFactorySupport eventFactorySupport;
39			private final CentralAuthenticationService centralAuthenticationService;
40			private final CookieRetrievingCookieGenerator ticketGrantingTicketCookieGenerator;
41			private final CookieRetrievingCookieGenerator warnCookieGenerator;
42
43
44			public DestroyTgtAndCookiesAction(
45			final CentralAuthenticationService centralAuthenticationService,
46			final CookieRetrievingCookieGenerator tgtCookieGenerator,
47			final CookieRetrievingCookieGenerator warnCookieGenerator,
48			final LogoutProperties logoutProperties) {
49			super(centralAuthenticationService, tgtCookieGenerator, warnCookieGenerator, logoutProperties);
50			this.eventFactorySupport = new EventFactorySupport();
51			this.centralAuthenticationService = centralAuthenticationService;
52			this.ticketGrantingTicketCookieGenerator = tgtCookieGenerator;
53			this.warnCookieGenerator = warnCookieGenerator;
54			}
55
56
57			@Override
58			public Event terminate(final RequestContext context) {
59			// in login's webflow : we can get the value from context as it has already been stored
60			try {
61			final HttpServletRequest request = WebUtils.getHttpServletRequestFromExternalWebflowContext(context);
62			final HttpServletResponse response = WebUtils.getHttpServletResponseFromExternalWebflowContext(context);
63
64			String tgtId = WebUtils.getTicketGrantingTicketId(context);
65			// for logout, we need to get the cookie's value
66			if (tgtId == null) {
67			tgtId = this.ticketGrantingTicketCookieGenerator.retrieveCookieValue(request);
68			}
69			if (tgtId != null) {
70			logger2.debug("Destroying SSO session linked to ticket-granting ticket [{}]", tgtId);
71			final List<LogoutRequest> logoutRequests = this.centralAuthenticationService.destroyTicketGrantingTicket(tgtId);
72			WebUtils.putLogoutRequests(context, logoutRequests);
73			}
74			logger2.debug("Removing CAS cookies");
75			this.ticketGrantingTicketCookieGenerator.removeCookie(response);
76			this.warnCookieGenerator.removeCookie(response);
77
78			// Do NOT destroy the session here. Keep it.
79			return this.eventFactorySupport.success(this);
80			} catch (final Exception e) {
81			throw Throwables.propagate(e);
82			}
83			}
84
85			}
86

apereo / cas

Pull Request — master (#3063)

terminate(RequestContext) B

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like