-
Notifications
You must be signed in to change notification settings - Fork 10
Expand file tree
/
Copy pathKindeLogoutServlet.java
More file actions
59 lines (51 loc) · 2.21 KB
/
KindeLogoutServlet.java
File metadata and controls
59 lines (51 loc) · 2.21 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
package com.kinde.servlet;
import com.kinde.KindeClientSession;
import com.kinde.authorization.AuthorizationType;
import com.kinde.authorization.AuthorizationUrl;
import com.kinde.constants.KindeAuthenticationAction;
import com.kinde.principal.KindePrincipal;
import com.kinde.token.AccessToken;
import com.kinde.token.IDToken;
import com.kinde.token.KindeToken;
import com.kinde.token.RefreshToken;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import java.io.IOException;
import java.security.Principal;
import java.util.List;
import static com.kinde.constants.KindeConstants.*;
import static com.kinde.constants.KindeJ2eeConstants.*;
public class KindeLogoutServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
try {
String logoutRedirectUri = req.getParameter("redirect_uri");
AuthorizationUrl authorizationUrl;
KindeClientSession clientSession = KindeSingleton
.getInstance()
.getKindeClientBuilder()
.build()
.clientSession();
if (logoutRedirectUri != null && !logoutRedirectUri.isEmpty()) {
authorizationUrl = clientSession.logout(logoutRedirectUri);
} else {
authorizationUrl = clientSession.logout();
}
HttpSession session = req.getSession(false);
if (session != null) {
session.removeAttribute(ACCESS_TOKEN);
session.removeAttribute(ID_TOKEN);
session.removeAttribute(REFRESH_TOKEN);
session.removeAttribute(AUTHENTICATED_USER);
session.removeAttribute(AUTHORIZATION_URL);
session.invalidate();
}
resp.sendRedirect(authorizationUrl.getUrl().toString());
} catch (Exception ex) {
throw new ServletException("Failed to logout : " + ex.getMessage(),ex);
}
}
}