OAuthLogout.jsp revision e8721886dbfd32e88cc7077cbee4b6bb1b44b443
7e5b2100ea65658a7ec3795919b4ecd29a6f118aMark Andrews DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
eae67738cba5ca069e9d1d4e7b836a2f7b00a374Mark Andrews Copyright (c) 2011 ForgeRock Inc. All rights reserved.
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews The contents of this file are subject to the terms
46e873c835bf7d9ec3e1097e0aceb8db5b1ae93aMark Andrews of the Common Development and Distribution License
a3b428812703d22a605a9f882e71ed65f0ffdc65Mark Andrews (the License). You may not use this file except in
a9789e288ee11ae4315e27235c33bae5405bd7c4Mark Andrews compliance with the License.
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington You can obtain a copy of the License at
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington See the License for the specific language governing
01bf5871f8861eb805dd8ca79bdb9b0b9e4e6a5eMark Andrews permission and limitations under the License.
a9789e288ee11ae4315e27235c33bae5405bd7c4Mark Andrews When distributing Covered Code, include this CDDL
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews Header Notice in each file and include the License file
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews If applicable, add the following below the CDDL Header,
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews with the fields enclosed by brackets [] replaced by
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews your own identifying information:
c718d15a9a95054ee3c71540c02335426071fc6dMark Andrews "Portions Copyrighted [year] [name of copyright owner]"
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson Portions Copyrighted 2012 Open Source Solution Technology Corporation
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
a3b428812703d22a605a9f882e71ed65f0ffdc65Mark Andrews<%@ page language="java" pageEncoding="UTF-8" %>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews<%@ page import="org.owasp.esapi.*" %>
c718d15a9a95054ee3c71540c02335426071fc6dMark Andrews<%@ page import="com.iplanet.am.util.SystemProperties" %>
c6d4f781529d2f28693546b25b2967d44ec89e60Mark Andrews<%@ page import="com.sun.identity.shared.Constants" %>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews<%@ page import="static org.forgerock.openam.authentication.modules.oauth2.OAuthParam.*" %>
c718d15a9a95054ee3c71540c02335426071fc6dMark Andrews<%@ page import="java.io.IOException" %>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews<%@ page import="java.util.ResourceBundle" %>
c069a20053d41ae299eb9457e50ea44ae9f73ed2Mark Andrews<%@ page import="java.util.Locale" %>
ed178efa9ab8f813538fce4ff603b81ded9f1799Mark Andrews<%@ page import="java.util.MissingResourceException" %>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews<%@ page import="org.forgerock.openam.authentication.modules.oauth2.OAuthUtil" %>
// Picks the "amAuthOAuth" resource bundle for the language named by the
// `lang` request parameter; the catch branch falls back to the bundle for
// the default locale.
// NOTE(review): `lang` is unvalidated request input. It is used to build the
// Locale and, through it, ends up in the debug message below, so CR/LF in it
// could forge log lines; consider restricting it to a language-tag pattern.
// NOTE(review): in the lines visible here `locale` is only assigned when
// `lang` is present; getBundle(name, null) throws NullPointerException, which
// the MissingResourceException handler does not catch. Confirm a fallback.
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews // Internationalization stuff. You can use any internationalization framework
ede29aeb412c5448ab9a2028763ae08e7887ca74Mark Andrews String lang = request.getParameter("lang");
1eb1e1e838d2ea00b166c918bf50764a95826be8Mark Andrews ResourceBundle resources;
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews Locale locale = null;
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson if (lang != null && lang.length() != 0) {
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews locale = new Locale(lang);
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews resources = ResourceBundle.getBundle("amAuthOAuth", locale);
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson OAuthUtil.debugMessage("OAuthLogout: obtained resource bundle with locale " + locale);
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews } catch (MissingResourceException mr) {
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington OAuthUtil.debugError("OAuthLogout: Resource Bundle not found", mr);
26a77b80bb7ee886c6fa704348d5e80a011d8811Mark Andrews resources = ResourceBundle.getBundle("amAuthOAuth");
// Form/parameter names and the two button labels are HTML-encoded here
// because they are written into attribute values further down the page.
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews String logoutForm = ESAPI.encoder().encodeForHTML(LOGOUT_FORM);
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews String loggedoutParam = ESAPI.encoder().encodeForHTML(PARAM_LOGGEDOUT);
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews String gotoParam = ESAPI.encoder().encodeForHTML(PARAM_GOTO);
62ee2c9f460d2e2e45dcf1abc8b4b4a4a43f5618Mark Andrews String logoutURLParam = ESAPI.encoder().encodeForHTML(PARAM_LOGOUT_URL);
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews String logmeoutValue = ESAPI.encoder().encodeForHTML(resources.getString("logmeout"));
a9789e288ee11ae4315e27235c33bae5405bd7c4Mark Andrews String donotValue = ESAPI.encoder().encodeForHTML(resources.getString("donot"));
// NOTE(review): the three messages below are taken from the bundle as-is and
// kept unencoded. That is safe only for trusted bundle text, so anything
// substituted into them later must be HTML-encoded at that point.
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews String doYouWantToLogout = resources.getString("doYouWantToLogout");
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews String youVeBeenLogedOut = resources.getString("youVeBeenLogedOut");
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson String loggingYouOut = resources.getString("loggingYouOut");
// Reads the post-logout redirect target (PARAM_GOTO) and the IdP logout URL
// (PARAM_LOGOUT_URL) from the request and replaces values that fail ESAPI
// validation with fixed placeholder strings.
// NOTE(review): the "URL" and "HTTPURI" rules are ESAPI patterns configured
// outside this file. They check syntax, not destination, so any well-formed
// external URL is accepted as a redirect or frame target. Consider comparing
// against the deployment's allowed goto/IdP destinations as well.
// NOTE(review): passing validation here does not replace context-specific
// output encoding where these values are written into the page.
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews // Getting and validating params
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson String gotoURL = request.getParameter(PARAM_GOTO);
// gotoURLencAttr is not referenced again in the lines visible here.
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews String gotoURLencAttr = "";
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson String OAuth2IdP = "";
9e3a7b0faf417a10f5f689edf288807b2d5eedc5Brian Wellington String ServiceURI = SystemProperties.get(Constants.AM_SERVICES_DEPLOYMENT_DESCRIPTOR);
// No goto parameter: fall back to the deployment's own logout page.
c25080dc50542213058c240226c9f342186e6285Mark Andrews if (gotoURL == null || gotoURL.isEmpty() ) {
a9789e288ee11ae4315e27235c33bae5405bd7c4Mark Andrews gotoURL = ServiceURI + "/UI/Logout";
46e873c835bf7d9ec3e1097e0aceb8db5b1ae93aMark Andrews boolean isValidURL = ESAPI.validator().
dd9ad704c3800e3ab07ede8595871eac79984871Mark Andrews isValidInput("URLContext", gotoURL, "URL", 255, false);
// NOTE(review): the raw value is also passed as the validation context name,
// which ESAPI may include in its own log output - confirm.
605bd686e437162b5ab65ac4e7c1be0bba1886ddMark Andrews boolean isValidURI = ESAPI.validator().
a9789e288ee11ae4315e27235c33bae5405bd7c4Mark Andrews isValidInput("HTTP URI: " + gotoURL, gotoURL, "HTTPURI", 2000, false);
// The value is rejected only when BOTH rules fail; matching either one is
// enough for it to be used.
413988c8166976498250c0ebb2e3a645d0366bd3Mark Andrews if (!isValidURL && !isValidURI) {
// NOTE(review): the rejected value is logged unmodified; neutralise CR/LF
// before logging so a crafted parameter cannot forge log entries.
605bd686e437162b5ab65ac4e7c1be0bba1886ddMark Andrews OAuthUtil.debugError("OAuthLogout: wrong goto URL attempted to be used "
6b5c57e52ac8c3e0af1547be3140ebbfb41a85b3Mark Andrews + "in the Logout page: " + gotoURL);
6b5c57e52ac8c3e0af1547be3140ebbfb41a85b3Mark Andrews gotoURL = "wronggotoURL";
6b5c57e52ac8c3e0af1547be3140ebbfb41a85b3Mark Andrews String logoutURL = request.getParameter(PARAM_LOGOUT_URL);
a9789e288ee11ae4315e27235c33bae5405bd7c4Mark Andrews if (logoutURL == null) {
a9789e288ee11ae4315e27235c33bae5405bd7c4Mark Andrews logoutURL = "";
// Unlike gotoURL, the logout URL is checked against the "URL" rule only.
a9789e288ee11ae4315e27235c33bae5405bd7c4Mark Andrews boolean isValidURL = ESAPI.validator().
a9789e288ee11ae4315e27235c33bae5405bd7c4Mark Andrews isValidInput("URLContext", logoutURL, "URL", 255, false);
a9789e288ee11ae4315e27235c33bae5405bd7c4Mark Andrews if (!isValidURL) {
// NOTE(review): same log-forging concern as for gotoURL above.
642e0716c8b4ab82ebc8e60f94c9e897ee89f19aMark Andrews OAuthUtil.debugError("OAuthLogout: wrong logoutURL URL attempted to be used "
a9789e288ee11ae4315e27235c33bae5405bd7c4Mark Andrews + "in the Logout page: " + logoutURL);
6b5c57e52ac8c3e0af1547be3140ebbfb41a85b3Mark Andrews logoutURL = "wronglogoutURL";
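// Derive the IdP host shown in the confirmation prompt from the logout URL.
// The URL is request-supplied, so the host is located defensively and
// HTML-encoded before it is merged into text that the page prints verbatim.
int loc1 = logoutURL.indexOf("//");
if (loc1 >= 0) {
    loc1 += 2;
    int idpHostEnd = logoutURL.indexOf("/", loc1);
    // A URL without a path (constructed sample: "https://idp.example") has
    // no further "/"; substring(loc1, -1) would throw and turn ordinary
    // input into a server error.
    if (idpHostEnd < 0) {
        idpHostEnd = logoutURL.length();
    }
    OAuth2IdP = logoutURL.substring(loc1, idpHostEnd);
}
doYouWantToLogout = doYouWantToLogout.replace("#IDP#", ESAPI.encoder().encodeForHTML(OAuth2IdP));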
// Looks up the footer copyright text in the "amAuthUI" bundle using the same
// `locale` as above; it stays null when the lookup does not succeed.
// NOTE(review): the handler body for the catch below is not visible in this
// listing - confirm the failure is at least logged.
6b5c57e52ac8c3e0af1547be3140ebbfb41a85b3Mark Andrews String copyrightNotice = null;
a9789e288ee11ae4315e27235c33bae5405bd7c4Mark Andrews copyrightNotice = ResourceBundle.getBundle("amAuthUI", locale).getString("copyright.notice");
a9789e288ee11ae4315e27235c33bae5405bd7c4Mark Andrews } catch (MissingResourceException mr) {
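String loggedout = request.getParameter(PARAM_LOGGEDOUT);
// Request-supplied value: record it through the module's debug logger rather
// than container stdout, with CR/LF neutralised so it cannot forge log lines.
OAuthUtil.debugMessage("OAuthLogout: loggedout="
        + (loggedout == null ? null : loggedout.replaceAll("[\\r\\n]", "_")));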
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
6b5c57e52ac8c3e0af1547be3140ebbfb41a85b3Mark Andrews <link href="<%= ServiceURI%>/css/new_style.css" rel="stylesheet" type="text/css" />
ed178efa9ab8f813538fce4ff603b81ded9f1799Mark Andrews <!--[if IE 9]> <link href="<%= ServiceURI %>/css/ie9.css" rel="stylesheet" type="text/css"> <![endif]-->
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <!--[if lte IE 7]> <link href="<%= ServiceURI %>/css/ie7.css" rel="stylesheet" type="text/css"> <![endif]-->
a9789e288ee11ae4315e27235c33bae5405bd7c4Mark Andrews <script language="JavaScript" type="text/javascript">
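function adios() {
    <%-- gotoURL comes from the request. It is written into a JavaScript string
         literal, so it is encoded for that context; the input validation above
         is not a substitute for output encoding. The destination itself is
         still not restricted to known hosts here. --%>
    window.location = "<%= ESAPI.encoder().encodeForJavaScript(gotoURL) %>";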
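function logoutAll() {
    // Creates an iFrame to log out from the OAuth 2.0 IdP
    var frame = document.getElementById('frame');
    if (!frame) {
        return;
    }
    var logMsg = document.getElementById('logoutMsg');
    var logMsgVs = document.getElementById('logoutMsgVisible');
    var main = document.getElementById('main');
    var iframe = document.createElement('iframe');
    <%-- logoutURL comes from the request and sits inside a single-quoted
         JavaScript string, so it is encoded for that context. Encoding stops
         the value from leaving the string; it does not limit which host the
         frame loads, which should be the configured IdP logout endpoint. --%>
    iframe.setAttribute('src', '<%= ESAPI.encoder().encodeForJavaScript(logoutURL) %>');
    iframe.setAttribute('frameborder', 0);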
ca12f7f4cf72e2368ee946f3eb4915ab73576cdcMark Andrews <% if (loggedout != null && loggedout.equalsIgnoreCase("logmeout")){
// `loggedout` is only compared against a literal here; the text written to
// the page is a fixed string, so the parameter itself is never echoed.
1eb1e1e838d2ea00b166c918bf50764a95826be8Mark Andrews out.println("logoutAll(); }");
c718d15a9a95054ee3c71540c02335426071fc6dMark Andrews <title>Logout</title>
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews <div class="container_12">
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson <div class="grid_4 suffix_8">
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews <a class="logo" href="<%= ServiceURI%>"></a>
75216e007570b8ea36b3ac9cca096bf70c0ca6f6Mark Andrews <div class="box box-spaced clear-float">
a9789e288ee11ae4315e27235c33bae5405bd7c4Mark Andrews <div class="grid_3">
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <div class="product-logo"></div>
ed178efa9ab8f813538fce4ff603b81ded9f1799Mark Andrews <div class="grid_9">
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <div class="box-content clear-float">
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <div class="message">
6b5c57e52ac8c3e0af1547be3140ebbfb41a85b3Mark Andrews <span class="icon info"></span>
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews <div id="logoutMsg" style="display:none">
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <h3><%= loggingYouOut %></h3>
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <div id="logoutMsgVisible">
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews <h3><%= doYouWantToLogout %></h3>
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews <div id="frame">
a9789e288ee11ae4315e27235c33bae5405bd7c4Mark Andrews Your browser does not support scripts.
a9789e288ee11ae4315e27235c33bae5405bd7c4Mark Andrews This page needs javascript to be enabled in your browser.
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews <div id="main">
<%-- Confirmation form: the first button skips the IdP logout and redirects, the second starts the IdP logout. Names and labels were HTML-encoded when they were computed. --%>
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews <form name="<%= logoutForm %>" method="POST" action="">
821d2613356f81e5bb5c107288d6d5cf35c2a1e8Mark Andrews <input name="<%= loggedoutParam %>" type="button" class="button" onClick="adios()" onmousedown="adios()" value="<%= donotValue %>" />
<%-- NOTE(review): on the button below, onmousedown="adios()" fires before onClick="logoutAll()", so the redirect to the goto URL may start before the IdP logout frame is created. Confirm this is intended; otherwise the IdP session can outlive this page's logout. --%>
91216cff91b34c9ff6e846dc23f248219cafe660Andreas Gustafsson <input name="<%= loggedoutParam %>" type="button" class="button right" onClick="logoutAll()" onmousedown="adios()" value="<%= logmeoutValue %>" />
a9789e288ee11ae4315e27235c33bae5405bd7c4Mark Andrews <div class="footer alt-color">
068a66979695c77359e7a9181bb3f831c965b21cMark Andrews <div class="grid_6 suffix_3">
a9789e288ee11ae4315e27235c33bae5405bd7c4Mark Andrews <% if (copyrightNotice != null){
a9789e288ee11ae4315e27235c33bae5405bd7c4Mark Andrews out.println(copyrightNotice);