优化sso-demo增加登出功能

zlt-demo/sso-demo/src/main/java/com/sso/demo/config/SecurityConfig.java

@@ -6,6 +6,9 @@ import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
+
+import javax.annotation.Resource;
 
 /**
  * security配置
@@ -22,11 +25,16 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
     @Value("${security.oauth2.sso.login-path:}")
     private String loginPath;
 
+    @Resource
+    private LogoutSuccessHandler ssoLogoutSuccessHandler;
+
     @Override
     public void configure(HttpSecurity http) throws Exception {
         http.authorizeRequests().anyRequest().authenticated()
                 .and()
-                .csrf().disable();
+                    .csrf().disable()
+                .logout()
+                    .logoutSuccessHandler(ssoLogoutSuccessHandler);
         if (StrUtil.isNotEmpty(loginPath)) {
             http.formLogin().loginProcessingUrl(loginPath);
         }

zlt-demo/sso-demo/src/main/java/com/sso/demo/config/SsoLogoutSuccessHandler.java

+package com.sso.demo.config;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.oauth2.provider.OAuth2Authentication;
+import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails;
+import org.springframework.security.web.DefaultRedirectStrategy;
+import org.springframework.security.web.RedirectStrategy;
+import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
+import org.springframework.stereotype.Component;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+ * 登出成功处理类
+ *
+ * @author zlt
+ * @date 2020/3/10
+ * <p>
+ * Blog: https://blog.csdn.net/zlt2000
+ * Github: https://github.com/zlt2000
+ */
+@Component
+public class SsoLogoutSuccessHandler implements LogoutSuccessHandler {
+	@Value("${zlt.logout-uri:''}")
+	private String logoutUri;
+
+	private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
+
+	@Override
+	public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException {
+		OAuth2Authentication oauth2Authentication = (OAuth2Authentication)authentication;
+		OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails)oauth2Authentication.getDetails();
+		String accessToken = details.getTokenValue();
+		redirectStrategy.sendRedirect(request, response, logoutUri+accessToken);
+	}
+}

zlt-demo/sso-demo/src/main/resources/bootstrap.yml

@@ -8,6 +8,7 @@ spring:
 zlt:
   api-uaa:
     url: http://127.0.0.1:9900/api-uaa/oauth
+  logout-uri: ${zlt.api-uaa.url}/remove/token?redirectUri=http://127.0.0.1:8080&access_token=
 
 security:
   oauth2:

zlt-demo/sso-demo/src/main/resources/templates/index.html

@@ -6,13 +6,11 @@
 </head>
 <body>
 <div>
-    登录者: <span th:text="${username}"></span>
-    <br/>
-    权限: <span th:text="${authorities}"></span>
-    <br/>
-    应用id: <span th:text="${clientId}"></span>
-    <br/>
-    token: <span th:text="${token}"></span>
+    <p>登录者: <span th:text="${username}"></span></p>
+    <p>权限: <span th:text="${authorities}"></span></p>
+    <p>应用id: <span th:text="${clientId}"></span></p>
+    <p>token: <span th:text="${token}"></span></p>
+    <p><input type="button" value="登出" onclick="location='/logout'"/></p>
 </div>
 </body>
 </html>