logout -> token revoke

liquidjoo
2019-09-18 18:53:21 +09:00
parent c4d7977aa2
commit bf1e576ffa


@@ -2,13 +2,30 @@ package io.bluemoon.authorizationserver.controller.sso;
import io.bluemoon.authorizationserver.config.annotation.SocialUser;
import io.bluemoon.authorizationserver.domain.user.User;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
import org.springframework.security.oauth2.provider.token.ConsumerTokenServices;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.security.Principal;
@Controller
public class SsoController {
private AuthorizationServerTokenServices authorizationServerTokenServices;
private ConsumerTokenServices consumerTokenServices;
public SsoController(AuthorizationServerTokenServices authorizationServerTokenServices,
ConsumerTokenServices consumerTokenServices) {
this.authorizationServerTokenServices = authorizationServerTokenServices;
this.consumerTokenServices = consumerTokenServices;
}
@RequestMapping(value = "/user")
@ResponseBody
public Principal user(Principal user) {
@@ -24,6 +41,16 @@ public class SsoController {
}
@PostMapping("/revokeToken")
public void revokeToken(HttpServletRequest request, HttpServletResponse response, Principal principal) {
OAuth2Authentication oAuth2Authentication = (OAuth2Authentication) principal;
OAuth2AccessToken accessToken = authorizationServerTokenServices.getAccessToken(oAuth2Authentication);
consumerTokenServices.revokeToken(accessToken.getValue());
HttpSession httpSession = request.getSession();
httpSession.invalidate();
}
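Review bot: In `revokeToken`, the unchecked cast `(OAuth2Authentication) principal` and the unguarded `accessToken.getValue()` can both throw before `httpSession.invalidate()` runs. If the principal is null or not an OAuth2 authentication, or if `getAccessToken` finds no stored token and returns null, the logout ends in a 500 and the session stays alive. Guard both cases and invalidate the session regardless of the token lookup, using `request.getSession(false)` so that logout does not create a session only to destroy it. The boolean returned by `consumerTokenServices.revokeToken` is also discarded; logging a failed revocation would help when auditing logouts. The class body continues outside the hunk.

```java
public void revokeToken(HttpServletRequest request, HttpServletResponse response, Principal principal) {
    // Revoke only when the caller really is an OAuth2 authentication with a stored token.
    if (principal instanceof OAuth2Authentication) {
        OAuth2AccessToken accessToken =
                authorizationServerTokenServices.getAccessToken((OAuth2Authentication) principal);
        if (accessToken != null) {
            consumerTokenServices.revokeToken(accessToken.getValue());
        }
    }
    // Always drop the server-side session, without creating one if none exists.
    HttpSession httpSession = request.getSession(false);
    if (httpSession != null) {
        httpSession.invalidate();
    }
}
```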