Keeping up with pac4j changes

apache · Nov 15, 2023 · 8eb9360 · 8eb9360
1 parent ca9de04
commit 8eb9360
Show file tree

Hide file tree

Showing 7 changed files with 69 additions and 7 deletions.
diff --git a/...c4ui/logic/src/main/java/org/apache/syncope/core/logic/oidc/NoOpSessionLogoutHandler.java b/...c4ui/logic/src/main/java/org/apache/syncope/core/logic/oidc/NoOpSessionLogoutHandler.java
@@ -18,7 +18,29 @@
  */
 package org.apache.syncope.core.logic.oidc;
 
+import java.util.Optional;
+import org.pac4j.core.context.CallContext;
 import org.pac4j.core.logout.handler.SessionLogoutHandler;
 
 public class NoOpSessionLogoutHandler implements SessionLogoutHandler {
+
+    @Override
+    public void recordSession(final CallContext ctx, final String key) {
+        // nothing to do
+    }
+
+    @Override
+    public void destroySession(final CallContext ctx, final String key) {
+        // nothing to do
+    }
+
+    @Override
+    public void renewSession(final CallContext ctx, final String oldSessionId) {
+        // nothing to do
+    }
+
+    @Override
+    public Optional<String> cleanRecord(final String sessionId) {
+        return Optional.empty();
+    }
 }
diff --git a/ext/oidcc4ui/logic/src/main/java/org/apache/syncope/core/logic/oidc/OIDCClientCache.java b/ext/oidcc4ui/logic/src/main/java/org/apache/syncope/core/logic/oidc/OIDCClientCache.java
@@ -107,12 +107,12 @@ public OidcClient add(final OIDCC4UIProvider op, final String callbackUrl) {
         cfg.setOpMetadataResolver(new StaticOidcOpMetadataResolver(cfg, metadata));
         cfg.setScope(op.getScopes().stream().collect(Collectors.joining(" ")));
         cfg.setUseNonce(false);
-        cfg.setSessionLogoutHandler(new NoOpSessionLogoutHandler());
 
         OidcClient client = new OidcClient(cfg);
         client.setName(op.getName());
         client.setCallbackUrlResolver(new NoParameterCallbackUrlResolver());
         client.setCallbackUrl(callbackUrl);
+        client.getConfig().setSessionLogoutHandler(new NoOpSessionLogoutHandler());
         client.init();
 
         cache.add(client);

diff --git a/...saml2sp4ui/logic/src/main/java/org/apache/syncope/core/logic/AbstractSAML2SP4UILogic.java b/...saml2sp4ui/logic/src/main/java/org/apache/syncope/core/logic/AbstractSAML2SP4UILogic.java
@@ -23,7 +23,6 @@
 import java.security.PrivateKey;
 import java.security.cert.X509Certificate;
 import org.apache.syncope.common.lib.to.EntityTO;
-import org.apache.syncope.core.logic.saml2.NoOpSessionLogoutHandler;
 import org.pac4j.saml.config.SAML2Configuration;
 import org.pac4j.saml.metadata.keystore.BaseSAML2KeystoreGenerator;
 import org.springframework.core.io.FileUrlResource;
@@ -75,7 +74,6 @@ public InputStream retrieve() throws Exception {
         cfg.setAuthnRequestSigned(true);
         cfg.setSpLogoutRequestSigned(true);
         cfg.setAcceptedSkew(props.getSkew());
-        cfg.setSessionLogoutHandler(new NoOpSessionLogoutHandler());
 
         return cfg;
     }

diff --git a/...4ui/logic/src/main/java/org/apache/syncope/core/logic/saml2/NoOpSessionLogoutHandler.java b/...4ui/logic/src/main/java/org/apache/syncope/core/logic/saml2/NoOpSessionLogoutHandler.java
@@ -18,7 +18,29 @@
  */
 package org.apache.syncope.core.logic.saml2;
 
+import java.util.Optional;
+import org.pac4j.core.context.CallContext;
 import org.pac4j.core.logout.handler.SessionLogoutHandler;
 
 public class NoOpSessionLogoutHandler implements SessionLogoutHandler {
+
+    @Override
+    public void recordSession(final CallContext ctx, final String key) {
+        // nothing to do
+    }
+
+    @Override
+    public void destroySession(final CallContext ctx, final String key) {
+        // nothing to do
+    }
+
+    @Override
+    public void renewSession(final CallContext ctx, final String oldSessionId) {
+        // nothing to do
+    }
+
+    @Override
+    public Optional<String> cleanRecord(final String sessionId) {
+        return Optional.empty();
+    }
 }
diff --git a/ext/saml2sp4ui/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ClientCache.java b/ext/saml2sp4ui/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ClientCache.java
@@ -134,6 +134,7 @@ public SAML2Client add(
         SAML2Client saml2Client = new SAML2Client(cfg);
         saml2Client.setCallbackUrlResolver(new NoParameterCallbackUrlResolver());
         saml2Client.setCallbackUrl(callbackUrl);
+        saml2Client.getConfig().setSessionLogoutHandler(new NoOpSessionLogoutHandler());
         saml2Client.init();
 
         cache.add(saml2Client);

diff --git a/sra/src/main/java/org/apache/syncope/sra/SecurityConfig.java b/sra/src/main/java/org/apache/syncope/sra/SecurityConfig.java
@@ -249,8 +249,7 @@ public ReactiveJwtDecoder oauth2JWTDecoder(
     @Bean
     @ConditionalOnMissingBean
     @ConditionalOnProperty(prefix = SRAProperties.PREFIX, name = SRAProperties.AM_TYPE, havingValue = "SAML2")
-    public SAML2Client saml2Client(final ResourcePatternResolver resourceResolver,
-            final SRAProperties props) {
+    public SAML2Client saml2Client(final ResourcePatternResolver resourceResolver, final SRAProperties props) {
         SAML2Configuration cfg = new SAML2Configuration(
                 resourceResolver.getResource(props.getSaml2().getKeystore()),
                 null,
@@ -291,13 +290,12 @@ public InputStream retrieve() throws Exception {
         cfg.setServiceProviderMetadataResourceFilepath(props.getSaml2().getSpMetadataFilePath());
         cfg.setAcceptedSkew(props.getSaml2().getSkew());
 
-        cfg.setSessionLogoutHandler(new NoOpSessionLogoutHandler());
-
         SAML2Client saml2Client = new SAML2Client(cfg);
         saml2Client.setName(SRAProperties.AMType.SAML2.name());
         saml2Client.setCallbackUrl(props.getSaml2().getEntityId()
                 + SAML2WebSsoAuthenticationWebFilter.FILTER_PROCESSES_URI);
         saml2Client.setCallbackUrlResolver(new NoParameterCallbackUrlResolver());
+        saml2Client.getConfig().setSessionLogoutHandler(new NoOpSessionLogoutHandler());
         saml2Client.init();
 
         return saml2Client;

diff --git a/sra/src/main/java/org/apache/syncope/sra/security/pac4j/NoOpSessionLogoutHandler.java b/sra/src/main/java/org/apache/syncope/sra/security/pac4j/NoOpSessionLogoutHandler.java
@@ -18,8 +18,29 @@
  */
 package org.apache.syncope.sra.security.pac4j;
 
+import java.util.Optional;
+import org.pac4j.core.context.CallContext;
 import org.pac4j.core.logout.handler.SessionLogoutHandler;
 
 public class NoOpSessionLogoutHandler implements SessionLogoutHandler {
 
+    @Override
+    public void recordSession(final CallContext ctx, final String key) {
+        // nothing to do
+    }
+
+    @Override
+    public void destroySession(final CallContext ctx, final String key) {
+        // nothing to do
+    }
+
+    @Override
+    public void renewSession(final CallContext ctx, final String oldSessionId) {
+        // nothing to do
+    }
+
+    @Override
+    public Optional<String> cleanRecord(final String sessionId) {
+        return Optional.empty();
+    }
 }