Fix Logout Page for SAML2
haynescd committed Dec 15, 2023
1 parent c80d1e1 commit 5d6ab51
Showing 3 changed files with 31 additions and 14 deletions.
@@ -31,11 +31,11 @@ public SecurityFilterChain samlFilterChain(HttpSecurity http) throws Exception {
authenticationProvider.setResponseAuthenticationConverter(rolesConverter());

return http.authorizeHttpRequests(auth ->
auth.requestMatchers("/api/health").permitAll()
auth.requestMatchers("/api/health", "/login", "/images/**" ).permitAll()
.anyRequest().authenticated())
.saml2Login(saml2 -> saml2
.authenticationManager(new ProviderManager(authenticationProvider)))
.saml2Logout(Customizer.withDefaults())
.logout(logout -> logout.logoutSuccessUrl("/login?logout_success"))
.csrf(AbstractHttpConfigurer::disable)
.build();
}
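Review bot: The `.logout(logout -> logout.logoutSuccessUrl("/login?logout_success"))` call, which appears to take the place of `.saml2Logout(Customizer.withDefaults())`, ends only the local session. Nothing visible in this chain sends a LogoutRequest to the identity provider, so the IdP session likely survives and the next request to a protected URL can sign the user back in without credentials. If single logout cannot be kept, record the limitation at the call, e.g. `// Local logout only: the IdP session is not terminated (no SAML single logout)`. With `.csrf(AbstractHttpConfigurer::disable)` on the following line, the default logout endpoint also accepts a plain GET, so a cross-site request can sign a user out; `logout.logoutRequestMatcher(new AntPathRequestMatcher("/logout", "POST"))` would restrict it. samlFilterChain starts above the hunk.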
31 changes: 20 additions & 11 deletions src/main/java/org/cbioportal/web/LoginPageController.java
@@ -1,6 +1,7 @@
package org.cbioportal.web;

import jakarta.servlet.http.HttpServletRequest;
import org.apache.commons.collections.map.HashedMap;
import org.cbioportal.service.FrontendPropertiesService;
import org.cbioportal.service.FrontendPropertiesServiceImpl;
import org.slf4j.Logger;
@@ -20,6 +21,7 @@
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;

@Controller
@ConditionalOnExpression("{'oauth2','saml','optional_oauth2'}.contains('${authenticate}')")
@@ -29,34 +31,41 @@ public class LoginPageController {
@Autowired
private FrontendPropertiesService frontendPropertiesService;

@Autowired
InMemoryClientRegistrationRepository clientRegistrationRepository;
@Autowired(required = false)
private InMemoryClientRegistrationRepository clientRegistrationRepository;

@Value("${authenticate}")
private String[] authenticate;
private String authenticate;

@GetMapping(value = "/login", produces = MediaType.APPLICATION_JSON_VALUE)
public String showLoginPage(HttpServletRequest request, Authentication authentication, Model model) {
Map<String, String> oauth2AuthenticationUrls = new HashMap<>();
for (ClientRegistration clientRegistration : clientRegistrationRepository) {
oauth2AuthenticationUrls.put(clientRegistration.getClientName(),
OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI + "/" + clientRegistration.getRegistrationId());
}



Map<String, String> oauth2AuthenticationUrls = getOauth2AuthenticationUrls();

model.addAttribute("oauth_urls", oauth2AuthenticationUrls);

model.addAttribute("skin_title", frontendPropertiesService.getFrontendProperty(FrontendPropertiesServiceImpl.FrontendProperty.skin_title));
model.addAttribute("skin_authorization_message", frontendPropertiesService.getFrontendProperty(FrontendPropertiesServiceImpl.FrontendProperty.skin_authorization_message));
model.addAttribute("skin_login_contact_html", frontendPropertiesService.getFrontendProperty(FrontendPropertiesServiceImpl.FrontendProperty.skin_login_contact_html));
model.addAttribute("skin_login_saml_registration_html", frontendPropertiesService.getFrontendProperty(FrontendPropertiesServiceImpl.FrontendProperty.skin_login_saml_registration_html));
model.addAttribute("saml_idp_metadata_entityid", frontendPropertiesService.getFrontendProperty(FrontendPropertiesServiceImpl.FrontendProperty.saml_idp_metadata_entityid));
model.addAttribute("logout_success", Boolean.parseBoolean(request.getParameter("logout_success")));
model.addAttribute("logout_success", request.getParameterMap().containsKey("logout_success"));
model.addAttribute("login_error", Boolean.parseBoolean(request.getParameter("login_error")));
model.addAttribute("show_saml", frontendPropertiesService.getFrontendProperty(FrontendPropertiesServiceImpl.FrontendProperty.authenticationMethod).equals("saml"));
model.addAttribute("show_google", Arrays.asList(authenticate).contains("social_auth") || Arrays.asList(authenticate).contains("social_auth_google") );
model.addAttribute("show_microsoft", Arrays.asList(authenticate).contains("social_auth_microsoft"));

return "login";
}

private Map<String, String> getOauth2AuthenticationUrls() {
Map<String, String> oauth2AuthenticationUrls = new HashMap<>();
if(!Objects.isNull(clientRegistrationRepository) && !Objects.equals(authenticate, "saml")) {
for (ClientRegistration clientRegistration : clientRegistrationRepository) {
oauth2AuthenticationUrls.put(clientRegistration.getClientName(),
OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI + "/" + clientRegistration.getRegistrationId());
}
}
return oauth2AuthenticationUrls;
}
}
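Review bot: The new `logout_success` attribute is true whenever the parameter is present, and `/login` is permitted for everyone in the SAML filter chain shown on this page, so the "You are now signed out" banner renders for any request to `/login?logout_success` even while the caller's session is still live. Tying it to the injected `authentication` keeps the banner truthful: `model.addAttribute("logout_success", authentication == null && request.getParameterMap().containsKey("logout_success"));` (this assumes Spring passes `null` for an unauthenticated caller; confirm). Separately, the added `org.apache.commons.collections.map.HashedMap` import is not used in the visible code, and `!Objects.isNull(clientRegistrationRepository)` reads more directly as `clientRegistrationRepository != null`.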
10 changes: 9 additions & 1 deletion src/main/resources/templates/login.html
@@ -33,6 +33,7 @@
<strong>You are now signed out. It is recommended that you close your browser to complete the termination of
this session.</strong>
</p>

</div>

<div th:if="${login_error}"
@@ -45,7 +46,7 @@
</strong></p>
</div>

<table cellspacing="2px" width="100%">
<table cellspacing="2px" width="100%" >
<tr>
<td>
<p>
@@ -72,6 +73,13 @@
</a>
</td>
</tr>
<tr th:if="${logout_success}">
<td>
<p>
<button onclick="location.href='/'">Login CBioPortal</button>
</p>
</td>
</tr>
</table>
</div>
</td>
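Review bot: The button added in the `logout_success` row navigates through an inline `onclick="location.href='/'"` handler, which a Content-Security-Policy without `'unsafe-inline'` would block, and the hard-coded `/` ignores the servlet context path when the portal is deployed under a sub-path. A plain link resolved by Thymeleaf does the same job without script: `<a th:href="@{/}">Login CBioPortal</a>`. If a button is required for styling, give it no inline handler and wire the navigation from a static script file instead.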