OAuthLogout.jsp revision 9740fa737ef2ed9453ab46d145777dbbbf6a747b
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews<%--
54db0529dcab47d08996454a076c5e4a0d75e5d2Mark Andrews DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews Copyright (c) 2011-2013 ForgeRock AS. All rights reserved.
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews The contents of this file are subject to the terms
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews of the Common Development and Distribution License
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews (the License). You may not use this file except in
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews compliance with the License.
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews You can obtain a copy of the License at
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews http://forgerock.org/license/CDDLv1.0.html
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews See the License for the specific language governing
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews permission and limitations under the License.
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews When distributing Covered Code, include this CDDL
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews Header Notice in each file and include the License file
e27a69f8bd9538e08f775265167ba6cc5f47c587Bob Halley at http://forgerock.org/license/CDDLv1.0.html
3761c433912beabe43abeed2c3513b6201c59f64Mark Andrews If applicable, add the following below the CDDL Header,
854d0238dbc2908490197984b3b9d558008a53dfMark Andrews with the fields enclosed by brackets [] replaced by
854d0238dbc2908490197984b3b9d558008a53dfMark Andrews your own identifying information:
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews "Portions Copyrighted [year] [name of copyright owner]"
4529cdaedaf1a0a5f8ff89aeca510b7a4475446cBob Halley
d981ca645597116d227a48bf37cc5edc061c854dBob Halley--%>
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews<%--
0e8cf9a887c70f96ac448b06c069d90b830215ccMark Andrews Portions Copyrighted 2012 Open Source Solution Technology Corporation
0e8cf9a887c70f96ac448b06c069d90b830215ccMark Andrews--%>
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews "http://www.w3.org/TR/html4/loose.dtd">
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews
3d5cad69ec20157912e95cf3b79316dfb0a314f3Mark Andrews<%@ page language="java" pageEncoding="UTF-8" %>
f7b99290c31abeb20c55fc55391510450ce60423Mark Andrews<%@ page import="org.owasp.esapi.*" %>
d981ca645597116d227a48bf37cc5edc061c854dBob Halley<%@ page import="com.iplanet.am.util.SystemProperties" %>
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews<%@ page import="com.sun.identity.shared.Constants" %>
deaaf94332abbfdb3aff53675546acfed16e5eb6Mark Andrews<%@ page import="static org.forgerock.openam.authentication.modules.oauth2.OAuthParam.*" %>
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews<%@ page import="java.util.ResourceBundle" %>
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews<%@ page import="java.util.Locale" %>
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews<%@ page import="java.util.MissingResourceException" %>
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews<%@ page import="org.forgerock.openam.authentication.modules.oauth2.OAuthUtil" %>
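<%
    // Internationalization: a validated "lang" parameter overrides the request locale.
    String lang = request.getParameter("lang");
    if (!ESAPI.validator().isValidInput("HTTP Parameter Value: " + lang, lang,
            "HTTPParameterValue", 2000, true)) {
        lang = null;
    }
    ResourceBundle resources;
    Locale locale = null;
    try {
        if (lang != null && lang.length() != 0) {
            locale = new Locale(lang);
        } else {
            locale = request.getLocale();
        }
        resources = ResourceBundle.getBundle("amAuthOAuth", locale);
        OAuthUtil.debugMessage("OAuthLogout: obtained resource bundle with locale " + locale);
    } catch (MissingResourceException mr) {
        // Fall back to the default bundle rather than failing the whole page.
        OAuthUtil.debugError("OAuthLogout: Resource Bundle not found", mr);
        resources = ResourceBundle.getBundle("amAuthOAuth");
    }

    // Names emitted into HTML attribute values below; encoded once here.
    String logoutForm = ESAPI.encoder().encodeForHTML(LOGOUT_FORM);
    String loggedoutParam = ESAPI.encoder().encodeForHTML(PARAM_LOGGEDOUT);

    // Button labels land in HTML attribute values. The two headings are printed
    // as-is from the bundle (bundle text, not request input), so they are not
    // encoded here.
    String logmeoutValue = ESAPI.encoder().encodeForHTML(resources.getString("logmeout"));
    String donotValue = ESAPI.encoder().encodeForHTML(resources.getString("donot"));
    String doYouWantToLogout = resources.getString("doYouWantToLogout");
    String loggingYouOut = resources.getString("loggingYouOut");

    // Request parameters: goto (where the browser is sent afterwards) and
    // logoutURL (the IdP endpoint loaded in a hidden iframe). Both end up inside
    // JavaScript string literals in the script block below, so they must be
    // encoded for the JavaScript context at the point of output, not here.
    String ServiceURI = SystemProperties.get(Constants.AM_SERVICES_DEPLOYMENT_DESCRIPTOR);
    String gotoURL = request.getParameter(PARAM_GOTO);
    if (gotoURL == null || gotoURL.isEmpty()) {
        gotoURL = ServiceURI + "/UI/Logout";
    } else {
        // Either ESAPI shape is accepted. This is a syntactic check only: it does
        // not restrict the target host, so an absolute goto to another site passes.
        // NOTE(review): whether off-host redirects are acceptable here is a
        // deployment policy decision — confirm against the product's goto handling.
        boolean isValidURL = ESAPI.validator()
                .isValidInput("URLContext", gotoURL, "URL", 255, false);
        boolean isValidURI = ESAPI.validator()
                .isValidInput("HTTP URI: " + gotoURL, gotoURL, "HTTPURI", 2000, false);
        if (!isValidURL && !isValidURI) {
            OAuthUtil.debugError("OAuthLogout: wrong goto URL attempted to be used "
                    + "in the Logout page: " + gotoURL);
            gotoURL = "wronggotoURL";
        }
    }

    String OAuth2IdP = "";
    String logoutURL = request.getParameter(PARAM_LOGOUT_URL);
    if (logoutURL == null) {
        logoutURL = "";
    } else {
        boolean isValidURL = ESAPI.validator()
                .isValidInput("URLContext", logoutURL, "URL", 255, false);
        if (!isValidURL) {
            OAuthUtil.debugError("OAuthLogout: wrong logoutURL URL attempted to be used "
                    + "in the Logout page: " + logoutURL);
            logoutURL = "wronglogoutURL";
        } else {
            // Show the IdP host[:port] in the confirmation text. The end index is
            // bounded so a URL with no '/' after the authority no longer throws
            // StringIndexOutOfBoundsException; without "//" the placeholder is
            // simply replaced by an empty string.
            int authorityStart = logoutURL.indexOf("//");
            if (authorityStart >= 0) {
                authorityStart += 2;
                int authorityEnd = logoutURL.indexOf('/', authorityStart);
                if (authorityEnd < 0) {
                    authorityEnd = logoutURL.length();
                }
                OAuth2IdP = logoutURL.substring(authorityStart, authorityEnd);
            }
            // OAuth2IdP is derived from a request parameter and is rendered inside
            // an <h3> below, so it is HTML-encoded before being spliced into the
            // bundle text (only the spliced part is encoded; the bundle text is not).
            doYouWantToLogout = doYouWantToLogout.replace("#IDP#",
                    ESAPI.encoder().encodeForHTML(OAuth2IdP));
        }
    }

    // Footer text is optional: a missing amAuthUI bundle or key just omits it.
    String copyrightNotice = null;
    try {
        copyrightNotice = ResourceBundle.getBundle("amAuthUI", locale).getString("copyright.notice");
    } catch (MissingResourceException ignored) {
        OAuthUtil.debugMessage("OAuthLogout: copyright.notice not available for locale " + locale);
    }

    // Drives the auto-logout hook in the script block below. This is an
    // unvalidated request value; it is only compared against a literal, never
    // rendered. Routed through the module debug log rather than System.out, in
    // line with the other messages on this page.
    String loggedout = request.getParameter(PARAM_LOGGEDOUT);
    OAuthUtil.debugMessage("OAuthLogout: loggedout=" + loggedout);
%>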
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews<html xmlns="http://www.w3.org/1999/xhtml">
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews <head>
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews <link href="<%= ServiceURI%>/css/new_style.css" rel="stylesheet" type="text/css" />
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews <!--[if IE 9]> <link href="<%= ServiceURI %>/css/ie9.css" rel="stylesheet" type="text/css"> <![endif]-->
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews <!--[if lte IE 7]> <link href="<%= ServiceURI %>/css/ie7.css" rel="stylesheet" type="text/css"> <![endif]-->
7c0539bea56022274da04263eb41fbb5b8835c38Mark Andrews <script language="JavaScript" type="text/javascript">
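        // Sends the browser to the validated goto target. The value is emitted
        // inside a JavaScript string literal, so it is encoded for that context
        // here at the sink; ESAPI input validation alone does not protect a
        // JavaScript string from quote or backslash characters.
        function adios() {
            window.location = "<%= ESAPI.encoder().encodeForJavaScript(gotoURL) %>";
        }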
d981ca645597116d227a48bf37cc5edc061c854dBob Halley
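        // Loads the IdP logout URL in a hidden iframe, then leaves via adios()
        // once it has loaded, with a timer as a safety net in case the load
        // event never fires.
        // NOTE(review): the "log me out" button below also wires
        // onmousedown="adios()", which navigates away before the click reaches
        // this function — confirm that is intended.
        function logoutAll() {
            var frame = document.getElementById('frame');
            if (!frame) { return; }
            var logMsg = document.getElementById('logoutMsg');
            var logMsgVs = document.getElementById('logoutMsgVisible');
            var main = document.getElementById('main');
            logMsg.style.display = '';
            main.style.display = 'none';
            logMsgVs.style.display = 'none';
            var iframe = document.createElement('iframe');
            // logoutURL sits inside a JavaScript string literal, so it is encoded
            // for the JavaScript context at this sink (not HTML-encoded).
            iframe.setAttribute('src', '<%= ESAPI.encoder().encodeForJavaScript(logoutURL) %>');
            iframe.setAttribute('width', 0);
            iframe.setAttribute('height', 0);
            iframe.setAttribute('frameborder', 0);
            frame.innerHTML = '';
            // Assign the handler rather than invoking it: the previous
            // "iframe.onload = adios()" redirected immediately, before the IdP
            // logout request had been issued. Guarded so adios() runs only once.
            var left = false;
            var leave = function () {
                if (!left) {
                    left = true;
                    adios();
                }
            };
            iframe.onload = leave;
            // Fallback delay is a constructed value — tune as needed.
            setTimeout(leave, 5000);
            frame.appendChild(iframe);
        }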
94a3bcd132e515b4baa0884ba9dd0f361d2e17bcMark Andrews
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews <% if (loggedout != null && loggedout.equalsIgnoreCase("logmeout")){
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews out.println("window.onload = function() {");
5d51e67c3b4f35c1be742574aacc1d88fe6ed444Mark Andrews out.println("logoutAll(); }");
94a3bcd132e515b4baa0884ba9dd0f361d2e17bcMark Andrews }
4529cdaedaf1a0a5f8ff89aeca510b7a4475446cBob Halley %>
94a3bcd132e515b4baa0884ba9dd0f361d2e17bcMark Andrews </script>
94a3bcd132e515b4baa0884ba9dd0f361d2e17bcMark Andrews <title>Logout</title>
94a3bcd132e515b4baa0884ba9dd0f361d2e17bcMark Andrews </head>
94a3bcd132e515b4baa0884ba9dd0f361d2e17bcMark Andrews <body>
d981ca645597116d227a48bf37cc5edc061c854dBob Halley <div class="container_12">
4529cdaedaf1a0a5f8ff89aeca510b7a4475446cBob Halley <div class="grid_4 suffix_8">
d981ca645597116d227a48bf37cc5edc061c854dBob Halley <a class="logo" href="<%= ServiceURI%>"></a>
d981ca645597116d227a48bf37cc5edc061c854dBob Halley </div>
d981ca645597116d227a48bf37cc5edc061c854dBob Halley <div class="box box-spaced clear-float">
b1bc194f94c0b3cbc5999582f08e8d7a20b91e2eBob Halley <div class="grid_3">
b1bc194f94c0b3cbc5999582f08e8d7a20b91e2eBob Halley <div class="product-logo"></div>
b1bc194f94c0b3cbc5999582f08e8d7a20b91e2eBob Halley </div>
d981ca645597116d227a48bf37cc5edc061c854dBob Halley <div class="grid_9">
d981ca645597116d227a48bf37cc5edc061c854dBob Halley <div class="box-content clear-float">
b1bc194f94c0b3cbc5999582f08e8d7a20b91e2eBob Halley <div class="message">
b1bc194f94c0b3cbc5999582f08e8d7a20b91e2eBob Halley <span class="icon info"></span>
b1bc194f94c0b3cbc5999582f08e8d7a20b91e2eBob Halley <div id="logoutMsg" style="display:none">
d981ca645597116d227a48bf37cc5edc061c854dBob Halley <h3><%= loggingYouOut %></h3>
b1bc194f94c0b3cbc5999582f08e8d7a20b91e2eBob Halley </div>
d981ca645597116d227a48bf37cc5edc061c854dBob Halley <div id="logoutMsgVisible">
d981ca645597116d227a48bf37cc5edc061c854dBob Halley <h3><%= doYouWantToLogout %></h3>
e27a69f8bd9538e08f775265167ba6cc5f47c587Bob Halley </div>
e27a69f8bd9538e08f775265167ba6cc5f47c587Bob Halley </div>
e27a69f8bd9538e08f775265167ba6cc5f47c587Bob Halley <div id="frame">
e27a69f8bd9538e08f775265167ba6cc5f47c587Bob Halley <noscript>
                                Your browser does not support scripts.
                                This page needs JavaScript to be enabled in your browser.
e27a69f8bd9538e08f775265167ba6cc5f47c587Bob Halley </noscript>
e27a69f8bd9538e08f775265167ba6cc5f47c587Bob Halley </div>
e27a69f8bd9538e08f775265167ba6cc5f47c587Bob Halley <div id="main">
e27a69f8bd9538e08f775265167ba6cc5f47c587Bob Halley <form name="<%= logoutForm %>" method="POST" action="">
e27a69f8bd9538e08f775265167ba6cc5f47c587Bob Halley <input name="<%= loggedoutParam %>" type="button" class="button" onClick="adios()" onmousedown="adios()" value="<%= donotValue %>" />
e27a69f8bd9538e08f775265167ba6cc5f47c587Bob Halley <input name="<%= loggedoutParam %>" type="button" class="button right" onClick="logoutAll()" onmousedown="adios()" value="<%= logmeoutValue %>" />
e27a69f8bd9538e08f775265167ba6cc5f47c587Bob Halley </form>
e27a69f8bd9538e08f775265167ba6cc5f47c587Bob Halley </div>
854d0238dbc2908490197984b3b9d558008a53dfMark Andrews </div>
</div>
</div>
<div class="footer alt-color">
<div class="grid_6 suffix_3">
<p>
                    <% if (copyrightNotice != null){
                           // Footer text from the amAuthUI bundle; omitted entirely when
                           // the bundle or the copyright.notice key was not found above.
                           out.println(copyrightNotice);
                       }
                    %>
</p>
</div>
</div>
</div>
</body>
</html>