refactor: OIDC 单点登录修改

framework/gateway/src/main/java/io/metersphere/gateway/service/SSOService.java

@@ -2,6 +2,7 @@ package io.metersphere.gateway.service;
 
 import io.metersphere.base.domain.AuthSource;
 import io.metersphere.base.domain.User;
+import io.metersphere.commons.constants.UserSource;
 import io.metersphere.commons.exception.MSException;
 import io.metersphere.commons.user.SessionUser;
 import io.metersphere.commons.utils.CodingUtil;
@@ -158,24 +159,6 @@ public class SSOService {
         session.getAttributes().put("user", userOptional.get());
     }
 
-    /**
-     * oidc logout
-     */
-//    public void logout() throws Exception {
-//        String authId = (String) SecurityUtils.getSubject().getSession().getAttribute("authId");
-//        AuthSource authSource = authSourceService.getAuthSource(authId);
-//        if (authSource != null) {
-//            Map config = JSON.parseObject(authSource.getConfiguration(), Map.class);
-//            if (StringUtils.equals(UserSource.OIDC.name(), authSource.getType())) {
-//                String idToken = (String) SecurityUtils.getSubject().getSession().getAttribute("idToken");
-//                String logoutUrl = (String) config.get("logoutUrl");
-//
-//                RestTemplate restTemplate = getRestTemplateIgnoreSSL();
-//                restTemplate.getForEntity(logoutUrl + "?id_token_hint=" + idToken, String.class);
-//            }
-//        }
-//    }
-
     /**
      * cas callback
      */

framework/sdk-parent/sdk/src/main/java/io/metersphere/controller/LoginController.java

@@ -15,6 +15,7 @@ import io.metersphere.log.annotation.MsAuditLog;
 import io.metersphere.request.LoginRequest;
 import io.metersphere.service.BaseDisplayService;
 import io.metersphere.service.BaseUserService;
+import io.metersphere.service.SSOLogoutService;
 import org.apache.commons.lang3.BooleanUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.lang3.reflect.MethodUtils;
@@ -37,6 +38,8 @@ public class LoginController {
     private BaseUserService baseUserService;
     @Resource
     private BaseDisplayService baseDisplayService;
+    @Resource
+    private SSOLogoutService ssoLogoutService;
     @Value("${spring.application.name}")
     private String serviceId;
     @Value("${server.port}")
@@ -84,6 +87,7 @@ public class LoginController {
     @GetMapping(value = "/signout")
     @MsAuditLog(module = OperLogModule.AUTH_TITLE, beforeEvent = "#msClass.getUserId(id)", type = OperLogConstants.LOGIN, title = "登出", msClass = SessionUtils.class)
     public ResultHolder logout() throws Exception {
+        ssoLogoutService.logout();
         SecurityUtils.getSubject().logout();
         return ResultHolder.success(StringUtils.EMPTY);
     }

framework/sdk-parent/sdk/src/main/java/io/metersphere/service/SSOLogoutService.java

@@ -0,0 +1,38 @@
+package io.metersphere.service;
+
+import io.metersphere.base.domain.AuthSource;
+import io.metersphere.base.mapper.AuthSourceMapper;
+import io.metersphere.commons.constants.UserSource;
+import io.metersphere.commons.utils.JSON;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.SecurityUtils;
+import org.springframework.stereotype.Service;
+import org.springframework.web.client.RestTemplate;
+
+import javax.annotation.Resource;
+import java.util.Map;
+
+@Service
+public class SSOLogoutService {
+    @Resource
+    private AuthSourceMapper authSourceMapper;
+    @Resource
+    private RestTemplate restTemplate;
+
+    /**
+     * oidc logout
+     */
+    public void logout() throws Exception {
+        String authId = (String) SecurityUtils.getSubject().getSession().getAttribute("authId");
+        AuthSource authSource = authSourceMapper.selectByPrimaryKey(authId);
+        if (authSource != null) {
+            Map config = JSON.parseObject(authSource.getConfiguration(), Map.class);
+            if (StringUtils.equals(UserSource.OIDC.name(), authSource.getType())) {
+                String idToken = (String) SecurityUtils.getSubject().getSession().getAttribute("idToken");
+                String logoutUrl = (String) config.get("logoutUrl");
+
+                restTemplate.getForEntity(logoutUrl + "?id_token_hint=" + idToken, String.class);
+            }
+        }
+    }
+}

system-setting/frontend/src/business/system/setting/MxAuth.vue

@@ -89,7 +89,15 @@
               <el-form-item label="Validate URL" :rules="requiredRules">
                 <el-input v-model="form.configuration.validateUrl" placeholder="eg: http://<casurl>/serviceValidate"/>
               </el-form-item>
-              <el-form-item label="Redirect URL" :rules="requiredRules">
+              <el-form-item :rules="requiredRules">
+                <template v-slot:label>
+                  Redirect URL
+                  <el-tooltip content="Logout redirect URL: http://<metersphere-endpoint>/sso/callback/cas/logout"
+                              effect="light"
+                              trigger="hover">
+                    <i class="el-icon-info"></i>
+                  </el-tooltip>
+                </template>
                 <el-input v-model="form.configuration.redirectUrl"
                           placeholder="eg: http://<metersphere-endpoint>/sso/callback/cas/${authId}"/>
               </el-form-item>
@@ -126,8 +134,16 @@
           </el-row>
           <el-row>
             <el-col>
-              <el-form-item label="Logout Endpoint"
+              <el-form-item
                             :rules="requiredRules">
+                <template v-slot:label>
+                  Logout Endpoint
+                  <el-tooltip content="Logout redirect URL: http://<metersphere-endpoint>/sso/callback/logout"
+                              effect="light"
+                              trigger="hover">
+                    <i class="el-icon-info"></i>
+                  </el-tooltip>
+                </template>
                 <el-input v-model="form.configuration.logoutUrl"
                           placeholder="eg: http://<keycloak>/auth/realms/<metersphere>/protocol/openid-connect/logout"/>
               </el-form-item>