Quantcast

OAuth2 Logout

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

OAuth2 Logout

gfinesch
I'm integrating Xwiki with OAuth2. I managed to login but now I'm struggling with logging out from the server when I click on 'logout' in Xwiki. This is the code snippet that performs the redirection to the server to logout from it:

else if ("logout".equals(context.getAction())
                                && wrappedRequest.getUserPrincipal() != null) {
                        // redirect to the OAuth2 logout page
                        wrappedRequest.setUserPrincipal(null);

                        try {
                                context.getResponse().sendRedirect(
                                                configuration.getOAuth2Param(
                                                                LOGOUT_URL.replace(".", "_"), LOGOUT_URL,
                                                                "logouturl", context));
                        } catch (IOException e) {
                                throw new XWikiException(XWikiException.MODULE_XWIKI_USER,
                                                XWikiException.ERROR_XWIKI_USER_INIT,
                                                "Can't redirect to the OAuth2 logout page", e);
                        }
                        return null;

                }
I wrote a XWikiOAuth2Authenticator class that extends XWikiAuthServiceImpl and overrides checkAuth.

The code works since I get redirected to LOGOUT_URL but I also get the following stacktrace due to the calling of other Xwiki classes out of my control:

2017-04-28 17:05:31,155 [http://localhost:8080/xwiki/bin/logout/XWiki/XWikiLogout?xredirect=%2Fxwiki%2Fbin%2Fview%2FMain
%2F] WARN  c.x.x.w.XWikiAction            - Uncaught exception: Error number 0 in 11: Uncaught exception
com.xpn.xwiki.XWikiException: Error number 0 in 11: Uncaught exception
        at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:474)
        at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:210)
        at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:425)
        at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:228)
        at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1913)
        at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:449)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:624)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at com.xpn.xwiki.web.ActionFilter.doFilter(ActionFilter.java:112)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at org.xwiki.wysiwyg.server.filter.ConversionFilter.doFilter(ConversionFilter.java:127)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at org.xwiki.container.servlet.filters.internal.SetHTTPHeaderFilter.doFilter(SetHTTPHeaderFilter.java:63)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at org.xwiki.container.servlet.filters.internal.SavedRequestRestorerFilter.doFilter(SavedRequestRestorerFilter.j
ava:208)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at org.xwiki.container.servlet.filters.internal.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.j
ava:111)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at org.xwiki.resource.servlet.RoutingFilter.doFilter(RoutingFilter.java:136)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
        at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:957)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:423)
        at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1079)
        at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:620)
        at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2476)
        at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2465)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
        at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.IllegalStateException: Cannot create a session after the response has been committed
        at org.apache.catalina.connector.Request.doGetSession(Request.java:3008)
        at org.apache.catalina.connector.Request.getSession(Request.java:2384)
        at org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:897)
        at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:229)
        at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:229)
        at com.xpn.xwiki.web.LogoutAction.action(LogoutAction.java:57)
        at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:446)
        ... 46 common frames omitted

I'm obviously doing something wrong and I couldn't find an example of how to logout from a server. What's the correct way and where is the correct place to do that? Or...how can I avoid this exception? Thank you.



Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: OAuth2 Logout

vmassol
Administrator
Hi,

I don’t know much about xwiki and oauth2 but by googling I’ve found this extension that seems to be doing that:
http://extensions.xwiki.org/xwiki/bin/view/Extension/XWiki%20Application%20-%20Google%20Apps

It says: "This integration uses the OAuth2 protocol to connect Google Apps with XWiki.”

Maybe that could help you. See https://github.com/xwiki-contrib/application-googleapps/blob/master/src/main/resources/GoogleApps/AuthService.xml

Thanks
-Vincent

> On 28 Apr 2017, at 17:37, gfinesch <[hidden email]> wrote:
>
> I'm integrating Xwiki with OAuth2. I managed to login but now I'm struggling
> with logging out from the server when I click on 'logout' in Xwiki. This is
> the code snippet that performs the redirection to the server to logout from
> it:
>
> else if ("logout".equals(context.getAction())
> && wrappedRequest.getUserPrincipal() != null) {
> // redirect to the OAuth2 logout page
> wrappedRequest.setUserPrincipal(null);
>
> try {
> context.getResponse().sendRedirect(
> configuration.getOAuth2Param(
> LOGOUT_URL.replace(".", "_"), LOGOUT_URL,
> "logouturl", context));
> } catch (IOException e) {
> throw new XWikiException(XWikiException.MODULE_XWIKI_USER,
> XWikiException.ERROR_XWIKI_USER_INIT,
> "Can't redirect to the OAuth2 logout page", e);
> }
> return null;
>
> }
> I wrote a XWikiOAuth2Authenticator class that extends XWikiAuthServiceImpl
> and overrides checkAuth.
>
> The code works since I get redirected to LOGOUT_URL but I also get the
> following stacktrace due to the calling of other Xwiki classes out of my
> control:
>
> 2017-04-28 17:05:31,155
> [http://localhost:8080/xwiki/bin/logout/XWiki/XWikiLogout?xredirect=%2Fxwiki%2Fbin%2Fview%2FMain
> %2F] WARN  c.x.x.w.XWikiAction            - Uncaught exception: Error number
> 0 in 11: Uncaught exception
> com.xpn.xwiki.XWikiException: Error number 0 in 11: Uncaught exception
>        at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:474)
>        at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:210)
>        at
> org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:425)
>        at
> org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:228)
>        at
> org.apache.struts.action.ActionServlet.process(ActionServlet.java:1913)
>        at
> org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:449)
>        at javax.servlet.http.HttpServlet.service(HttpServlet.java:624)
>        at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
>        at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
>        at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>        at com.xpn.xwiki.web.ActionFilter.doFilter(ActionFilter.java:112)
>        at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>        at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>        at
> org.xwiki.wysiwyg.server.filter.ConversionFilter.doFilter(ConversionFilter.java:127)
>        at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>        at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>        at
> org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
>        at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>        at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>        at
> org.xwiki.container.servlet.filters.internal.SetHTTPHeaderFilter.doFilter(SetHTTPHeaderFilter.java:63)
>        at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>        at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>        at
> org.xwiki.container.servlet.filters.internal.SavedRequestRestorerFilter.doFilter(SavedRequestRestorerFilter.j
> ava:208)
>        at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>        at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>        at
> org.xwiki.container.servlet.filters.internal.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.j
> ava:111)
>        at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>        at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>        at
> org.xwiki.resource.servlet.RoutingFilter.doFilter(RoutingFilter.java:136)
>        at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>        at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>        at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
>        at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
>        at
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
>        at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
>        at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
>        at
> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:957)
>        at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
>        at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:423)
>        at
> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1079)
>        at
> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:620)
>        at
> org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2476)
>        at
> org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2465)
>        at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
>        at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
>        at
> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
>        at java.lang.Thread.run(Thread.java:745)
> Caused by: java.lang.IllegalStateException: Cannot create a session after
> the response has been committed
>        at
> org.apache.catalina.connector.Request.doGetSession(Request.java:3008)
>        at
> org.apache.catalina.connector.Request.getSession(Request.java:2384)
>        at
> org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:897)
>        at
> javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:229)
>        at
> javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:229)
>        at com.xpn.xwiki.web.LogoutAction.action(LogoutAction.java:57)
>        at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:446)
>        ... 46 common frames omitted
>
> I'm obviously doing something wrong and I couldn't find an example of how to
> logout from a server. What's the correct way and where is the correct place
> to do that? Or...how can I avoid this exception? Thank you.
>
>
>
>
>
>
>
> --
> View this message in context: http://xwiki.475771.n2.nabble.com/OAuth2-Logout-tp7603692.html
> Sent from the XWiki- Users mailing list archive at Nabble.com.

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: OAuth2 Logout

Thomas Mortagne
Administrator
In reply to this post by gfinesch
You should probably look at how the OpenID Connect authenticator deal
with logout. See
https://github.com/xwiki-contrib/oidc/tree/master/oidc-authenticator.

By the way since OpenID Connect is based on OAuth2 it might be better
make OIDC authenticator support OAuth2 only servers (I don't remember
if I did something for it already but I certainly never tested this
use case) instead of writing a new one from scratch. Looks like you
did a lot of things already but it might be easier to maintain on the
long run.

On Fri, Apr 28, 2017 at 5:37 PM, gfinesch <[hidden email]> wrote:

> I'm integrating Xwiki with OAuth2. I managed to login but now I'm struggling
> with logging out from the server when I click on 'logout' in Xwiki. This is
> the code snippet that performs the redirection to the server to logout from
> it:
>
> else if ("logout".equals(context.getAction())
>                                 && wrappedRequest.getUserPrincipal() != null) {
>                         // redirect to the OAuth2 logout page
>                         wrappedRequest.setUserPrincipal(null);
>
>                         try {
>                                 context.getResponse().sendRedirect(
>                                                 configuration.getOAuth2Param(
>                                                                 LOGOUT_URL.replace(".", "_"), LOGOUT_URL,
>                                                                 "logouturl", context));
>                         } catch (IOException e) {
>                                 throw new XWikiException(XWikiException.MODULE_XWIKI_USER,
>                                                 XWikiException.ERROR_XWIKI_USER_INIT,
>                                                 "Can't redirect to the OAuth2 logout page", e);
>                         }
>                         return null;
>
>                 }
> I wrote a XWikiOAuth2Authenticator class that extends XWikiAuthServiceImpl
> and overrides checkAuth.
>
> The code works since I get redirected to LOGOUT_URL but I also get the
> following stacktrace due to the calling of other Xwiki classes out of my
> control:
>
> 2017-04-28 17:05:31,155
> [http://localhost:8080/xwiki/bin/logout/XWiki/XWikiLogout?xredirect=%2Fxwiki%2Fbin%2Fview%2FMain
> %2F] WARN  c.x.x.w.XWikiAction            - Uncaught exception: Error number
> 0 in 11: Uncaught exception
> com.xpn.xwiki.XWikiException: Error number 0 in 11: Uncaught exception
>         at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:474)
>         at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:210)
>         at
> org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:425)
>         at
> org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:228)
>         at
> org.apache.struts.action.ActionServlet.process(ActionServlet.java:1913)
>         at
> org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:449)
>         at javax.servlet.http.HttpServlet.service(HttpServlet.java:624)
>         at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
>         at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
>         at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>         at com.xpn.xwiki.web.ActionFilter.doFilter(ActionFilter.java:112)
>         at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>         at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>         at
> org.xwiki.wysiwyg.server.filter.ConversionFilter.doFilter(ConversionFilter.java:127)
>         at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>         at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>         at
> org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
>         at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>         at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>         at
> org.xwiki.container.servlet.filters.internal.SetHTTPHeaderFilter.doFilter(SetHTTPHeaderFilter.java:63)
>         at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>         at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>         at
> org.xwiki.container.servlet.filters.internal.SavedRequestRestorerFilter.doFilter(SavedRequestRestorerFilter.j
> ava:208)
>         at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>         at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>         at
> org.xwiki.container.servlet.filters.internal.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.j
> ava:111)
>         at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>         at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>         at
> org.xwiki.resource.servlet.RoutingFilter.doFilter(RoutingFilter.java:136)
>         at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>         at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>         at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
>         at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
>         at
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
>         at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
>         at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
>         at
> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:957)
>         at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
>         at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:423)
>         at
> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1079)
>         at
> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:620)
>         at
> org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2476)
>         at
> org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2465)
>         at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
>         at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
>         at
> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
>         at java.lang.Thread.run(Thread.java:745)
> Caused by: java.lang.IllegalStateException: Cannot create a session after
> the response has been committed
>         at
> org.apache.catalina.connector.Request.doGetSession(Request.java:3008)
>         at
> org.apache.catalina.connector.Request.getSession(Request.java:2384)
>         at
> org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:897)
>         at
> javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:229)
>         at
> javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:229)
>         at com.xpn.xwiki.web.LogoutAction.action(LogoutAction.java:57)
>         at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:446)
>         ... 46 common frames omitted
>
> I'm obviously doing something wrong and I couldn't find an example of how to
> logout from a server. What's the correct way and where is the correct place
> to do that? Or...how can I avoid this exception? Thank you.
>
>
>
>
>
>
>
> --
> View this message in context: http://xwiki.475771.n2.nabble.com/OAuth2-Logout-tp7603692.html
> Sent from the XWiki- Users mailing list archive at Nabble.com.



--
Thomas Mortagne
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: OAuth2 Logout

gfinesch
Thank you for your replies. I was actually trying avoiding the deprecated methods used by the OpenId Connect Extension you suggested so I took the CAS Extension source code as an example and from that I built my code. The login part runs without errors, the logout part doesn't. We are currently integrating all our company's applications with OAuth2. I will discuss the possibility of implementing the OpenID Connect specifics with the server's developers to be able to use the 'official' Xwiki's OpenID Connect Extension.
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: OAuth2 Logout

Thomas Mortagne
Administrator
If you are referring to the use of Utils.getComponent it's not exactly
deprecated but discouraged to avoid having people using it in components
but XWikiAuthServiceImpl is still old style so there is not much way around
it right now.

On Fri, May 5, 2017 at 10:11 AM, gfinesch <[hidden email]> wrote:

> Thank you for your replies. I was actually trying avoiding the deprecated
> methods used by the OpenId Connect Extension you suggested so I took the
> CAS
> Extension source code as an example and from that I built my code. The
> login
> part runs without errors, the logout part doesn't. We are currently
> integrating all our company's applications with OAuth2. I will discuss the
> possibility of implementing the OpenID Connect specifics with the server's
> developers to be able to use the 'official' Xwiki's OpenID Connect
> Extension.
>
>
>
> --
> View this message in context: http://xwiki.475771.n2.nabble.
> com/OAuth2-Logout-tp7603692p7603759.html
> Sent from the XWiki- Users mailing list archive at Nabble.com.
>



--
Thomas Mortagne
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: OAuth2 Logout

gfinesch
This post was updated on .
Yes, now I know that . I had to try either one way or the other and I've realized that I probably chose the "wrong" one. If I have enough time and...budget , I'll fix the problem by using the component's way of customization.

PS
I work with Daniele Gagliardi :)
Loading...