From 16cba997e874708508d25ae214633851e5d88e12 Mon Sep 17 00:00:00 2001 From: "Crystal.Sea" Date: Thu, 26 Nov 2020 22:25:07 +0800 Subject: [PATCH] ONLINE_TICKET cookie --- .../maxkey/authn/RealmAuthenticationProvider.java | 5 ++--- .../src/main/java/org/maxkey/web/WebContext.java | 14 +++++++++++++- .../org/maxkey/web/endpoint/LogoutEndpoint.java | 8 ++++++++ 3 files changed, 23 insertions(+), 4 deletions(-) diff --git a/maxkey-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java b/maxkey-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java index dd8a476fa..7d2a02caf 100644 --- a/maxkey-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java +++ b/maxkey-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java @@ -150,12 +150,11 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider OnlineTicket onlineTicket = new OnlineTicket(onlineTickitId); - + //set ONLINE_TICKET cookie WebContext.setCookie(WebContext.getResponse(), this.applicationConfig.getBaseDomainName(), WebConstants.ONLINE_TICKET_NAME, - onlineTickitId, - 0); + onlineTickitId); SigninPrincipal signinPrincipal = new SigninPrincipal(userInfo); //set OnlineTicket diff --git a/maxkey-core/src/main/java/org/maxkey/web/WebContext.java b/maxkey-core/src/main/java/org/maxkey/web/WebContext.java index d20476393..f28569a23 100644 --- a/maxkey-core/src/main/java/org/maxkey/web/WebContext.java +++ b/maxkey-core/src/main/java/org/maxkey/web/WebContext.java @@ -368,7 +368,7 @@ public final class WebContext { e.printStackTrace(); } // 单位:秒 - if(time > 0) { + if(time >= 0) { cookie.setMaxAge(time); } // 将Cookie添加到Response中,使之生效 
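Review bot: The ONLINE_TICKET value written by `WebContext.setCookie(...)` in the RealmAuthenticationProvider hunk identifies the user's online session and is scoped to the whole base domain, yet nothing visible in this patch marks the cookie HttpOnly or Secure. Most of the five-argument `setCookie` body lies outside the WebContext hunks, so this may already be handled there. If it is not, add `cookie.setHttpOnly(true);` and, for HTTPS deployments, `cookie.setSecure(true);` before the cookie is added to the response. Because the domain comes from `getBaseDomainName()`, every host under that domain receives the ticket, which deserves a short comment next to the call. The enclosing method starts and ends outside the hunk.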
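Review bot: Changing the guard to `if(time >= 0)` in WebContext alters what `0` means for every existing caller of the five-argument `setCookie`. Before, `0` skipped `setMaxAge` and produced a session cookie; now it calls `setMaxAge(0)`, which tells the browser to delete the cookie. The login call in RealmAuthenticationProvider is updated in this commit, but any other caller still passing `0` (none are visible here) would silently start deleting its cookie. Extend the `// 单位:秒` comment to state the contract, for example `// seconds; 0 deletes the cookie, a negative value keeps it as a session cookie`, and check the remaining call sites. The method body starts and ends outside the hunk.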
@@ -376,6 +376,18 @@ public final class WebContext { return response; } + public static HttpServletResponse expiryCookie( + HttpServletResponse response, String domain ,String name, String value) { + WebContext.setCookie(response,domain,name, value,0); + return response; + } + + public static HttpServletResponse setCookie( + HttpServletResponse response, String domain ,String name, String value) { + WebContext.setCookie(response,domain,name, value,-1); + return response; + } + /** * get Current Date,eg 2012-07-10. * diff --git a/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LogoutEndpoint.java b/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LogoutEndpoint.java index 2b1b867b5..5b67fc820 100644 --- a/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LogoutEndpoint.java +++ b/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LogoutEndpoint.java @@ -19,6 +19,7 @@ package org.maxkey.web.endpoint; import java.util.Iterator; import java.util.Set; +import java.util.UUID; import java.util.Map.Entry; import javax.servlet.http.HttpServletRequest; @@ -125,6 +126,13 @@ public class LogoutEndpoint { } } onlineTicketServices.remove(onlineTicketId); + + //remove ONLINE_TICKET cookie + WebContext.expiryCookie(WebContext.getResponse(), + this.applicationConfig.getBaseDomainName(), + WebConstants.ONLINE_TICKET_NAME, + UUID.randomUUID().toString()); + request.getSession().invalidate(); SecurityContextHolder.clearContext(); -- GitLab
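Review bot: `expiryCookie` requires a `value` argument that the browser discards once the max age is 0, so callers have to make one up; the LogoutEndpoint hunk passes `UUID.randomUUID().toString()` only for that reason. Dropping the parameter and passing an empty string internally, `WebContext.setCookie(response, domain, name, "", 0);`, would remove that workaround and the new `java.util.UUID` import. Both new overloads also lack Javadoc, while the method that follows them has it. One line each would make the 0 / -1 convention explicit: `expiryCookie` deletes the named cookie for the given domain, and the four-argument `setCookie` creates a session cookie (max age -1).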