package org.pac4j.oidc.logout; import com.nimbusds.jwt.JWT; import com.nimbusds.openid.connect.sdk.LogoutRequest; import org.pac4j.core.context.WebContext; import org.pac4j.core.exception.TechnicalException; import org.pac4j.core.logout.LogoutActionBuilder; import org.pac4j.core.redirect.RedirectAction; import org.pac4j.core.util.CommonHelper; import org.pac4j.core.util.InitializableWebObject; import org.pac4j.oidc.config.OidcConfiguration; import org.pac4j.oidc.profile.OidcProfile; import java.net.URI; import java.net.URISyntaxException; /** * Logout action builder for OpenID Connect. * * @author Jerome Leleu * @since 2.0.0 */ public class OidcLogoutActionBuilder<U extends OidcProfile> extends InitializableWebObject implements LogoutActionBuilder<U> { private final OidcConfiguration configuration; public OidcLogoutActionBuilder(final OidcConfiguration configuration) { this.configuration = configuration; } @Override protected void internalInit(final WebContext context) { CommonHelper.assertNotNull("configuration", configuration); configuration.init(context); } @Override public RedirectAction getLogoutAction(final WebContext context, final U currentProfile, final String targetUrl) { init(context); final String logoutUrl = configuration.getLogoutUrl(); if (CommonHelper.isNotBlank(logoutUrl)) { try { final URI endSessionEndpoint = new URI(logoutUrl); final JWT idToken = currentProfile.getIdToken(); LogoutRequest logoutRequest; if (CommonHelper.isNotBlank(targetUrl)) { logoutRequest = new LogoutRequest(endSessionEndpoint, idToken, new URI(targetUrl), null); } else { logoutRequest = new LogoutRequest(endSessionEndpoint, idToken); } return RedirectAction.redirect(logoutRequest.toURI().toString()); } catch (final URISyntaxException e) { throw new TechnicalException(e); } } return null; } }