2 * Copyright 2001-2007 Internet2
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
20 * Base class for logout-related handlers.
24 #include "exceptions.h"
25 #include "Application.h"
26 #include "ServiceProvider.h"
27 #include "SessionCache.h"
28 #include "handler/LogoutHandler.h"
29 #include "util/TemplateParameters.h"
32 #include <log4cpp/Category.hh>
33 #include <xmltooling/XMLToolingConfig.h>
34 #include <xmltooling/util/URLEncoder.h>
39 using namespace shibsp;
40 using namespace xmltooling;
43 pair<bool,long> LogoutHandler::run(SPRequest& request, bool isHandler) const
45 // If we're inside a chain, so do nothing.
47 return make_pair(false,0);
49 // If this isn't a LogoutInitiator, we only "continue" a notification loop, rather than starting one.
50 if (!m_initiator && !request.getParameter("notifying"))
51 return make_pair(false,0);
53 // Try another front-channel notification. No extra parameters and the session is implicit.
54 pair<bool,long> ret = notifyFrontChannel(request.getApplication(), request, request);
58 return make_pair(false,0);
61 void LogoutHandler::receive(DDF& in, ostream& out)
65 if (in["notify"].integer() != 1)
66 throw ListenerException("Unsupported operation.");
69 const char* aid=in["application_id"].string();
70 const Application* app=aid ? SPConfig::getConfig().getServiceProvider()->getApplication(aid) : NULL;
72 // Something's horribly wrong.
73 log4cpp::Category::getInstance(SHIBSP_LOGCAT".Logout").error("couldn't find application (%s) for logout", aid ? aid : "(missing)");
74 throw ConfigurationException("Unable to locate application for logout, deleted?");
77 vector<string> sessions;
78 DDF s = in["sessions"];
80 while (temp.isstring()) {
81 sessions.push_back(temp.string());
83 if (notifyBackChannel(*app, sessions))
90 pair<bool,long> LogoutHandler::notifyFrontChannel(
91 const Application& application,
92 const HTTPRequest& request,
93 HTTPResponse& response,
94 const map<string,string>* params
97 // Index of notification point starts at 0.
98 unsigned int index = 0;
99 const char* param = request.getParameter("index");
103 // Fetch the next front notification URL and bump the index for the next round trip.
104 string loc = application.getNotificationURL(request, true, index++);
106 return make_pair(false,0);
108 const URLEncoder* encoder = XMLToolingConfig::getConfig().getURLEncoder();
110 // Start with an "action" telling the application what this is about.
111 loc = loc + (strchr(loc.c_str(),'?') ? '&' : '?') + "action=logout";
113 // Now we create a second URL representing the return location back to us.
114 const char* start = request.getRequestURL();
115 const char* end = strchr(start,'?');
116 string tempstr(start, end ? end-start : strlen(start));
117 ostringstream locstr(tempstr);
119 // Add a signal that we're coming back from notification and the next index.
120 locstr << "?notifying=1&index=" << index;
122 // We preserve anything we're instructed to directly.
124 for (map<string,string>::const_iterator p = params->begin(); p!=params->end(); ++p)
125 locstr << '&' << p->first << '=' << encoder->encode(p->second.c_str());
128 for (vector<string>::const_iterator q = m_preserve.begin(); q!=m_preserve.end(); ++q) {
129 param = request.getParameter(q->c_str());
131 locstr << '&' << *q << '=' << encoder->encode(param);
135 // Add the return parameter to the destination location and redirect.
136 loc = loc + "&return=" + encoder->encode(locstr.str().c_str());
137 return make_pair(true,response.sendRedirect(loc.c_str()));
140 bool LogoutHandler::notifyBackChannel(const Application& application, const vector<string>& sessions) const
142 if (SPConfig::getConfig().isEnabled(SPConfig::OutOfProcess)) {
150 // When not out of process, we remote the back channel work.
151 DDF out,in(m_address.c_str());
152 DDFJanitor jin(in), jout(out);
153 in.addmember("notify").integer(1);
154 in.addmember("application_id").string(application.getId());
155 DDF s = in.addmember("sessions").list();
156 for (vector<string>::const_iterator i = sessions.begin(); i!=sessions.end(); ++i) {
157 DDF temp = DDF(NULL).string(i->c_str());
160 out=application.getServiceProvider().getListenerService()->send(in);
161 return (out.integer() == 1);
164 pair<bool,long> LogoutHandler::sendLogoutPage(const Application& application, HTTPResponse& response, bool local, const char* status) const
166 pair<bool,const char*> prop = application.getString(local ? "localLogout" : "globalLogout");
168 response.setContentType("text/html");
169 response.setResponseHeader("Expires","01-Jan-1997 12:00:00 GMT");
170 response.setResponseHeader("Cache-Control","private,no-store,no-cache");
171 ifstream infile(prop.second);
173 throw ConfigurationException("Unable to access $1 HTML template.", params(1,local ? "localLogout" : "globalLogout"));
174 TemplateParameters tp;
175 tp.setPropertySet(application.getPropertySet("Errors"));
177 tp.m_map["logoutStatus"] = status;
179 XMLToolingConfig::getConfig().getTemplateEngine()->run(infile, str, tp);
180 return make_pair(true,response.sendResponse(str));
182 prop = application.getString("homeURL");
185 return make_pair(true,response.sendRedirect(prop.second));