Package com.c4_soft.springaddons.security.oidc.starter.reactive.client

Class SpringAddonsServerLogoutSuccessHandler

java.lang.Object
com.c4_soft.springaddons.security.oidc.starter.reactive.client.SpringAddonsServerLogoutSuccessHandler
All Implemented Interfaces:
org.springframework.security.web.server.authentication.logout.ServerLogoutSuccessHandler
public class SpringAddonsServerLogoutSuccessHandler extends Object implements org.springframework.security.web.server.authentication.logout.ServerLogoutSuccessHandler

Provide with RP-Initiated Logout for authorization-servers fully compliant with OIDC standard as well as those "almost" implementing the spec. It is (auto)configured with SpringAddonsOidcClientProperties.

This implementation is not multi-tenant ready. It will terminate the user session on this application as well as on a single authorization-server (the one which emitted the access-token with which the logout request is made).

This bean is auto-configured by ReactiveSpringAddonsOidcClientWithLoginBeans as @ConditionalOnMissingBean of type ServerLogoutSuccessHandler. Usage: 

 SecurityFilterChain uiFilterChain(HttpSecurity http,
     ServerLogoutSuccessHandler logoutSuccessHandler) {
   http.logout().logoutSuccessHandler(logoutSuccessHandler);
 }
Author:
Jerome Wacongne ch4mp@c4-soft.com
See Also:

  • Constructor Details

    • SpringAddonsServerLogoutSuccessHandler

      public SpringAddonsServerLogoutSuccessHandler(LogoutRequestUriBuilder uriBuilder, org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository clientRegistrationRepo, SpringAddonsOidcProperties addonsProperties)

  • Method Details

    • onLogoutSuccess

      public reactor.core.publisher.Mono<Void> onLogoutSuccess(org.springframework.security.web.server.WebFilterExchange exchange, org.springframework.security.core.Authentication authentication)
      Specified by:
      onLogoutSuccess in interface org.springframework.security.web.server.authentication.logout.ServerLogoutSuccessHandler