refactor: OIDC 单点登录修改

CaptainB 2022-10-19 17:01:03 +08:00 committed by 刘瑞斌
parent fa8dfcee06
commit 44138e661e
4 changed files with 61 additions and 20 deletions


@ -2,6 +2,7 @@ package io.metersphere.gateway.service;
import io.metersphere.base.domain.AuthSource;
import io.metersphere.base.domain.User;
import io.metersphere.commons.constants.UserSource;
import io.metersphere.commons.exception.MSException;
import io.metersphere.commons.user.SessionUser;
import io.metersphere.commons.utils.CodingUtil;
@ -158,24 +159,6 @@ public class SSOService {
session.getAttributes().put("user", userOptional.get());
}
/**
* oidc logout
*/
// public void logout() throws Exception {
// String authId = (String) SecurityUtils.getSubject().getSession().getAttribute("authId");
// AuthSource authSource = authSourceService.getAuthSource(authId);
// if (authSource != null) {
// Map config = JSON.parseObject(authSource.getConfiguration(), Map.class);
// if (StringUtils.equals(UserSource.OIDC.name(), authSource.getType())) {
// String idToken = (String) SecurityUtils.getSubject().getSession().getAttribute("idToken");
// String logoutUrl = (String) config.get("logoutUrl");
//
// RestTemplate restTemplate = getRestTemplateIgnoreSSL();
// restTemplate.getForEntity(logoutUrl + "?id_token_hint=" + idToken, String.class);
// }
// }
// }
/**
* cas callback
*/


@ -15,6 +15,7 @@ import io.metersphere.log.annotation.MsAuditLog;
import io.metersphere.request.LoginRequest;
import io.metersphere.service.BaseDisplayService;
import io.metersphere.service.BaseUserService;
import io.metersphere.service.SSOLogoutService;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.reflect.MethodUtils;
@ -37,6 +38,8 @@ public class LoginController {
private BaseUserService baseUserService;
@Resource
private BaseDisplayService baseDisplayService;
@Resource
private SSOLogoutService ssoLogoutService;
@Value("${spring.application.name}")
private String serviceId;
@Value("${server.port}")
@ -84,6 +87,7 @@ public class LoginController {
@GetMapping(value = "/signout")
@MsAuditLog(module = OperLogModule.AUTH_TITLE, beforeEvent = "#msClass.getUserId(id)", type = OperLogConstants.LOGIN, title = "登出", msClass = SessionUtils.class)
public ResultHolder logout() throws Exception {
ssoLogoutService.logout();
SecurityUtils.getSubject().logout();
return ResultHolder.success(StringUtils.EMPTY);
}
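Review bot: If `ssoLogoutService.logout()` throws inside `LoginController.logout()`, the `SecurityUtils.getSubject().logout()` call on the next line is never reached, so the local session stays valid after the user asked to sign out. The service makes an outbound HTTP request to the configured logout URL and the method is declared `throws Exception`, so an unreachable or erroring identity provider is enough to trigger this. Local invalidation should not depend on the provider being reachable: wrap the call as `try { ssoLogoutService.logout(); } finally { SecurityUtils.getSubject().logout(); }`. If sign-out should still report success, log the failure instead of letting it propagate.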


@ -0,0 +1,38 @@
package io.metersphere.service;
import io.metersphere.base.domain.AuthSource;
import io.metersphere.base.mapper.AuthSourceMapper;
import io.metersphere.commons.constants.UserSource;
import io.metersphere.commons.utils.JSON;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.springframework.stereotype.Service;
import org.springframework.web.client.RestTemplate;
import javax.annotation.Resource;
import java.util.Map;
@Service
public class SSOLogoutService {
@Resource
private AuthSourceMapper authSourceMapper;
@Resource
private RestTemplate restTemplate;
/**
* oidc logout
*/
public void logout() throws Exception {
String authId = (String) SecurityUtils.getSubject().getSession().getAttribute("authId");
AuthSource authSource = authSourceMapper.selectByPrimaryKey(authId);
if (authSource != null) {
Map config = JSON.parseObject(authSource.getConfiguration(), Map.class);
if (StringUtils.equals(UserSource.OIDC.name(), authSource.getType())) {
String idToken = (String) SecurityUtils.getSubject().getSession().getAttribute("idToken");
String logoutUrl = (String) config.get("logoutUrl");
restTemplate.getForEntity(logoutUrl + "?id_token_hint=" + idToken, String.class);
}
}
}
}
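Review bot: The request URL in `SSOLogoutService.logout()` is built by plain concatenation, `logoutUrl + "?id_token_hint=" + idToken`, with no check that either value is present. A session with no `idToken` attribute sends the literal `id_token_hint=null`, and a configuration without a `logoutUrl` key produces a request to `null?id_token_hint=…`, which `RestTemplate` will reject with an exception. Skip the call when either value is blank, and build the URI with `UriComponentsBuilder` so that the token is encoded and an existing query string on the configured endpoint is handled. The ID token also travels in the query string of a GET, so it is likely to appear in proxy and provider access logs; confirm that is acceptable for the deployment. The TLS settings of the injected `RestTemplate` are not visible in this hunk and should be checked to validate certificates.

```java
// … unchanged: authSource lookup and OIDC type check …
String idToken = (String) SecurityUtils.getSubject().getSession().getAttribute("idToken");
String logoutUrl = (String) config.get("logoutUrl");
if (StringUtils.isAnyBlank(idToken, logoutUrl)) {
    // Nothing to send to the provider; the caller still ends the local session.
    return;
}
URI endSessionUri = UriComponentsBuilder.fromUriString(logoutUrl)
        .queryParam("id_token_hint", idToken)
        .build()
        .encode()
        .toUri();
restTemplate.getForEntity(endSessionUri, String.class);
```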


@ -89,7 +89,15 @@
<el-form-item label="Validate URL" :rules="requiredRules">
<el-input v-model="form.configuration.validateUrl" placeholder="eg: http://<casurl>/serviceValidate"/>
</el-form-item>
<el-form-item label="Redirect URL" :rules="requiredRules">
<el-form-item :rules="requiredRules">
<template v-slot:label>
Redirect URL
<el-tooltip content="Logout redirect URL: http://<metersphere-endpoint>/sso/callback/cas/logout"
effect="light"
trigger="hover">
<i class="el-icon-info"></i>
</el-tooltip>
</template>
<el-input v-model="form.configuration.redirectUrl"
placeholder="eg: http://<metersphere-endpoint>/sso/callback/cas/${authId}"/>
</el-form-item>
@ -126,8 +134,16 @@
</el-row>
<el-row>
<el-col>
<el-form-item label="Logout Endpoint"
<el-form-item
:rules="requiredRules">
<template v-slot:label>
Logout Endpoint
<el-tooltip content="Logout redirect URL: http://<metersphere-endpoint>/sso/callback/logout"
effect="light"
trigger="hover">
<i class="el-icon-info"></i>
</el-tooltip>
</template>
<el-input v-model="form.configuration.logoutUrl"
placeholder="eg: http://<keycloak>/auth/realms/<metersphere>/protocol/openid-connect/logout"/>
</el-form-item>
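Review bot: Both new tooltips give the logout redirect URL with an `http://` scheme (`http://<metersphere-endpoint>/sso/callback/cas/logout` and `http://<metersphere-endpoint>/sso/callback/logout`), and administrators tend to copy such examples verbatim into the identity provider's client settings. A callback registered over cleartext HTTP lets anything the provider appends to the redirect be observed on the network, so the tooltip text should show `https://<metersphere-endpoint>/…` instead. The CAS tooltip also sits on the "Redirect URL" field while describing a logout URL, so its text should say where that value has to be registered.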