Repository: cxf-fediz Updated Branches: refs/heads/master 2bcb3b328 -> f7380a4ad FEDIZ-189 - Add support for absolute URLs in the logoutRedirectTo parameter Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/f7380a4a Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/f7380a4a Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/f7380a4a Branch: refs/heads/master Commit: f7380a4adae3dd8499328243d54de3763b51fe90 Parents: 2bcb3b3 Author: Colm O hEigeartaigh Authored: Fri Feb 10 12:08:20 2017 +0000 Committer: Colm O hEigeartaigh Committed: Fri Feb 10 12:08:20 2017 +0000 ---------------------------------------------------------------------- .../core/processor/FederationProcessorImpl.java | 2 +- .../core/federation/FederationLogoutTest.java | 24 ++++++++++++++ .../test/resources/fediz_test_config_logout.xml | 34 ++++++++++++++++++++ 3 files changed, 59 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f7380a4a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java ---------------------------------------------------------------------- diff --git a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java b/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java index 88e8da1..41a0865 100644 --- a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java +++ b/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java 
@@ -531,7 +531,7 @@ public class FederationProcessorImpl extends AbstractFedizProcessor { if (logoutRedirectTo.startsWith("/")) { logoutRedirectTo = extractFullContextPath(request).concat(logoutRedirectTo.substring(1)); - } else { + } else if (!logoutRedirectTo.startsWith("http") && !logoutRedirectTo.startsWith("https")) { logoutRedirectTo = extractFullContextPath(request).concat(logoutRedirectTo); } http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f7380a4a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java ---------------------------------------------------------------------- diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java b/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java index 67c01a5..09842dd 100644 --- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java +++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java 
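Review bot: The new `else if` condition tests the bare prefix `http` rather than a URL scheme, so a relative target such as `httpdocs/logout.html` (constructed example) is now treated as absolute and no longer gets the context path prepended. The second clause, `startsWith("https")`, can never change the result, because any string starting with `https` also starts with `http`. Anchoring on the scheme separator fixes both: `} else if (!logoutRedirectTo.startsWith("http://") && !logoutRedirectTo.startsWith("https://")) {`. Because absolute values now pass through to the redirect unchanged, confirm that every source of `logoutRedirectTo` is either deployment configuration or has already been matched against the configured redirect constraint before this branch. The enclosing method starts and ends outside the hunk, so that validation is not visible here.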
@@ -185,6 +185,30 @@ public class FederationLogoutTest { } @org.junit.Test + public void testSignoutWithAbsoluteURL() throws Exception { + FedizContext config = getFederationConfigurator().getFedizContext("ROOT4"); + + HttpServletRequest req = EasyMock.createMock(HttpServletRequest.class); + EasyMock.expect(req.getParameter(FederationConstants.PARAM_ACTION)).andReturn(null).anyTimes(); + EasyMock.expect(req.getParameter(FederationConstants.PARAM_REPLY)).andReturn(null); + EasyMock.expect(req.getRequestURL()).andReturn(new StringBuffer(LOGOUT_URL)); + EasyMock.expect(req.getRequestURI()).andReturn(LOGOUT_URI); + EasyMock.expect(req.getContextPath()).andReturn(LOGOUT_URI); + EasyMock.replay(req); + + LogoutHandler logoutHandler = new LogoutHandler(config); + Assert.assertTrue(logoutHandler.canHandleRequest(req)); + + HttpServletResponse resp = EasyMock.createMock(HttpServletResponse.class); + String expectedRedirectToIdP = + "http://url_to_the_issuer?wa=wsignout1.0&wreply=https%3A%2F%2Flocalhost%2Fsecure%2Flogout%2Findex.html"; + resp.sendRedirect(expectedRedirectToIdP); + EasyMock.expectLastCall(); + EasyMock.replay(resp); + logoutHandler.handleRequest(req, resp); + } + + @org.junit.Test public void testSignoutAction() throws Exception { FedizContext config = getFederationConfigurator().getFedizContext("ROOT"); http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f7380a4a/plugins/core/src/test/resources/fediz_test_config_logout.xml ---------------------------------------------------------------------- diff --git a/plugins/core/src/test/resources/fediz_test_config_logout.xml b/plugins/core/src/test/resources/fediz_test_config_logout.xml index 8e8f5c0..0c7831e 100644 --- a/plugins/core/src/test/resources/fediz_test_config_logout.xml +++ b/plugins/core/src/test/resources/fediz_test_config_logout.xml 
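Review bot: `testSignoutWithAbsoluteURL` only exercises an absolute target taken from configuration, with `FederationConstants.PARAM_REPLY` mocked to return null, so the case where an absolute URL arrives in the request is not covered. A companion test could supply an absolute reply value that fails whatever redirect constraint the configuration defines and assert that the `sendRedirect` target does not carry it. That would pin down the behaviour that matters for open-redirect protection now that absolute URLs are accepted. A further case with a relative target that merely begins with `http` would document how the prefix check in FederationProcessorImpl treats it.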
@@ -120,4 +120,38 @@ .*wreply.html + + + http://host_one:port/url + + + + + + + + + + + 1000 + + target realm + http://url_to_the_issuer + ; + http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role + + 10000 + reply value + REQUEST + + + + + secure/logout + https://localhost/secure/logout/index.html + .*wreply.html + +