From 44138e661e458126a1594baf0a4d0ff30f8b7aa3 Mon Sep 17 00:00:00 2001
From: CaptainB <bin@fit2cloud.com>
Date: Wed, 19 Oct 2022 17:01:03 +0800
Subject: [PATCH] =?UTF-8?q?refactor:=20OIDC=20=E5=8D=95=E7=82=B9=E7=99=BB?=
 =?UTF-8?q?=E5=BD=95=E4=BF=AE=E6=94=B9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../gateway/service/SSOService.java           | 19 +---------
 .../controller/LoginController.java           |  4 ++
 .../metersphere/service/SSOLogoutService.java | 38 +++++++++++++++++++
 .../src/business/system/setting/MxAuth.vue    | 20 +++++++++-
 4 files changed, 61 insertions(+), 20 deletions(-)
 create mode 100644 framework/sdk-parent/sdk/src/main/java/io/metersphere/service/SSOLogoutService.java

diff --git a/framework/gateway/src/main/java/io/metersphere/gateway/service/SSOService.java b/framework/gateway/src/main/java/io/metersphere/gateway/service/SSOService.java
index e8808685d5..6a14cb2f31 100644
--- a/framework/gateway/src/main/java/io/metersphere/gateway/service/SSOService.java
+++ b/framework/gateway/src/main/java/io/metersphere/gateway/service/SSOService.java
@@ -2,6 +2,7 @@ package io.metersphere.gateway.service;
 
 import io.metersphere.base.domain.AuthSource;
 import io.metersphere.base.domain.User;
+import io.metersphere.commons.constants.UserSource;
 import io.metersphere.commons.exception.MSException;
 import io.metersphere.commons.user.SessionUser;
 import io.metersphere.commons.utils.CodingUtil;
@@ -158,24 +159,6 @@ public class SSOService {
         session.getAttributes().put("user", userOptional.get());
     }
 
-    /**
-     * oidc logout
-     */
-//    public void logout() throws Exception {
-//        String authId = (String) SecurityUtils.getSubject().getSession().getAttribute("authId");
-//        AuthSource authSource = authSourceService.getAuthSource(authId);
-//        if (authSource != null) {
-//            Map config = JSON.parseObject(authSource.getConfiguration(), Map.class);
-//            if (StringUtils.equals(UserSource.OIDC.name(), authSource.getType())) {
-//                String idToken = (String) SecurityUtils.getSubject().getSession().getAttribute("idToken");
-//                String logoutUrl = (String) config.get("logoutUrl");
-//
-//                RestTemplate restTemplate = getRestTemplateIgnoreSSL();
-//                restTemplate.getForEntity(logoutUrl + "?id_token_hint=" + idToken, String.class);
-//            }
-//        }
-//    }
-
     /**
      * cas callback
      */
diff --git a/framework/sdk-parent/sdk/src/main/java/io/metersphere/controller/LoginController.java b/framework/sdk-parent/sdk/src/main/java/io/metersphere/controller/LoginController.java
index 5a2bcf8eb1..c20978c7e8 100644
--- a/framework/sdk-parent/sdk/src/main/java/io/metersphere/controller/LoginController.java
+++ b/framework/sdk-parent/sdk/src/main/java/io/metersphere/controller/LoginController.java
@@ -15,6 +15,7 @@ import io.metersphere.log.annotation.MsAuditLog;
 import io.metersphere.request.LoginRequest;
 import io.metersphere.service.BaseDisplayService;
 import io.metersphere.service.BaseUserService;
+import io.metersphere.service.SSOLogoutService;
 import org.apache.commons.lang3.BooleanUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.lang3.reflect.MethodUtils;
@@ -37,6 +38,8 @@ public class LoginController {
     private BaseUserService baseUserService;
     @Resource
     private BaseDisplayService baseDisplayService;
+    @Resource
+    private SSOLogoutService ssoLogoutService;
     @Value("${spring.application.name}")
     private String serviceId;
     @Value("${server.port}")
@@ -84,6 +87,7 @@ public class LoginController {
     @GetMapping(value = "/signout")
     @MsAuditLog(module = OperLogModule.AUTH_TITLE, beforeEvent = "#msClass.getUserId(id)", type = OperLogConstants.LOGIN, title = "登出", msClass = SessionUtils.class)
     public ResultHolder logout() throws Exception {
+        ssoLogoutService.logout();
         SecurityUtils.getSubject().logout();
         return ResultHolder.success(StringUtils.EMPTY);
     }
diff --git a/framework/sdk-parent/sdk/src/main/java/io/metersphere/service/SSOLogoutService.java b/framework/sdk-parent/sdk/src/main/java/io/metersphere/service/SSOLogoutService.java
new file mode 100644
index 0000000000..6340ce296b
--- /dev/null
+++ b/framework/sdk-parent/sdk/src/main/java/io/metersphere/service/SSOLogoutService.java
@@ -0,0 +1,38 @@
+package io.metersphere.service;
+
+import io.metersphere.base.domain.AuthSource;
+import io.metersphere.base.mapper.AuthSourceMapper;
+import io.metersphere.commons.constants.UserSource;
+import io.metersphere.commons.utils.JSON;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.SecurityUtils;
+import org.springframework.stereotype.Service;
+import org.springframework.web.client.RestTemplate;
+
+import javax.annotation.Resource;
+import java.util.Map;
+
+@Service
+public class SSOLogoutService {
+    @Resource
+    private AuthSourceMapper authSourceMapper;
+    @Resource
+    private RestTemplate restTemplate;
+
+    /**
+     * oidc logout
+     */
+    public void logout() throws Exception {
+        String authId = (String) SecurityUtils.getSubject().getSession().getAttribute("authId");
+        AuthSource authSource = authSourceMapper.selectByPrimaryKey(authId);
+        if (authSource != null) {
+            Map config = JSON.parseObject(authSource.getConfiguration(), Map.class);
+            if (StringUtils.equals(UserSource.OIDC.name(), authSource.getType())) {
+                String idToken = (String) SecurityUtils.getSubject().getSession().getAttribute("idToken");
+                String logoutUrl = (String) config.get("logoutUrl");
+
+                restTemplate.getForEntity(logoutUrl + "?id_token_hint=" + idToken, String.class);
+            }
+        }
+    }
+}
diff --git a/system-setting/frontend/src/business/system/setting/MxAuth.vue b/system-setting/frontend/src/business/system/setting/MxAuth.vue
index 54a27f304a..30b9f0b309 100644
--- a/system-setting/frontend/src/business/system/setting/MxAuth.vue
+++ b/system-setting/frontend/src/business/system/setting/MxAuth.vue
@@ -89,7 +89,15 @@
               <el-form-item label="Validate URL" :rules="requiredRules">
                 <el-input v-model="form.configuration.validateUrl" placeholder="eg: http://<casurl>/serviceValidate"/>
               </el-form-item>
-              <el-form-item label="Redirect URL" :rules="requiredRules">
+              <el-form-item :rules="requiredRules">
+                <template v-slot:label>
+                  Redirect URL
+                  <el-tooltip content="Logout redirect URL: http://<metersphere-endpoint>/sso/callback/cas/logout"
+                              effect="light"
+                              trigger="hover">
+                    <i class="el-icon-info"></i>
+                  </el-tooltip>
+                </template>
                 <el-input v-model="form.configuration.redirectUrl"
                           placeholder="eg: http://<metersphere-endpoint>/sso/callback/cas/${authId}"/>
               </el-form-item>
@@ -126,8 +134,16 @@
           </el-row>
           <el-row>
             <el-col>
-              <el-form-item label="Logout Endpoint"
+              <el-form-item
                             :rules="requiredRules">
+                <template v-slot:label>
+                  Logout Endpoint
+                  <el-tooltip content="Logout redirect URL: http://<metersphere-endpoint>/sso/callback/logout"
+                              effect="light"
+                              trigger="hover">
+                    <i class="el-icon-info"></i>
+                  </el-tooltip>
+                </template>
                 <el-input v-model="form.configuration.logoutUrl"
                           placeholder="eg: http://<keycloak>/auth/realms/<metersphere>/protocol/openid-connect/logout"/>
               </el-form-item>