feat(CK Board): Log out of CK Board when user logs out of SCORE (#8)

Author: geoffreykwan

src/main/java/org/wise/portal/service/session/SessionService.java

@@ -3,6 +3,8 @@
 import java.io.Serializable;
 import java.util.Set;
 
+import javax.servlet.http.HttpServletRequest;
+
 import org.springframework.security.core.userdetails.UserDetails;
 
 public interface SessionService {
@@ -28,4 +30,8 @@ public interface SessionService {
   void removeCurrentAuthor(Serializable projectdId, String authorUsername);
 
   void removeUser(UserDetails user);
+
+  boolean isCkBoardAvailable();
+
+  void signOutOfCkBoard(HttpServletRequest request);
 }

src/main/java/org/wise/portal/service/session/impl/SessionServiceImpl.java

@@ -1,9 +1,17 @@
 package org.wise.portal.service.session.impl;
 
+import java.io.IOException;
 import java.io.Serializable;
 import java.util.Set;
 
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.http.client.HttpClient;
+import org.apache.http.client.methods.HttpPost;
+import org.apache.http.impl.client.HttpClientBuilder;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.env.Environment;
 import org.springframework.data.redis.core.StringRedisTemplate;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.session.Session;
@@ -15,6 +23,9 @@
 @Service
 public class SessionServiceImpl<S extends Session> implements SessionService {
 
+  @Autowired
+  private Environment appProperties;
+
   @Autowired
   private StringRedisTemplate stringRedisTemplate;
 
@@ -63,17 +74,17 @@ public void addCurrentAuthor(Serializable projectId, String authorUsername) {
 
   @Override
   public void removeCurrentAuthor(UserDetails author) {
-    Set<String> currentlyAuthoredProjects =
-        stringRedisTemplate.opsForSet().members("currentlyAuthoredProjects");
+    Set<String> currentlyAuthoredProjects = stringRedisTemplate.opsForSet()
+        .members("currentlyAuthoredProjects");
     for (String projectId : currentlyAuthoredProjects) {
       removeCurrentAuthor(projectId, author.getUsername());
     }
   }
 
   public void removeCurrentAuthor(Serializable projectId, String authorUsername) {
     stringRedisTemplate.opsForSet().remove("currentAuthors:" + projectId, authorUsername);
-    Long numCurrentAuthorsForProject =
-        stringRedisTemplate.opsForSet().size("currentAuthors:" + projectId);
+    Long numCurrentAuthorsForProject = stringRedisTemplate.opsForSet()
+        .size("currentAuthors:" + projectId);
     if (numCurrentAuthorsForProject == 0) {
       stringRedisTemplate.opsForSet().remove("currentlyAuthoredProjects", projectId.toString());
     }
@@ -90,4 +101,48 @@ public void removeUser(UserDetails user) {
   public Set<String> getCurrentAuthors(Serializable projectId) {
     return stringRedisTemplate.opsForSet().members("currentAuthors:" + projectId);
   }
+
+  public boolean isCkBoardAvailable() {
+    String ckBoardUrl = appProperties.getProperty("ck_board_url");
+    return ckBoardUrl != null && !ckBoardUrl.equals("");
+  }
+
+  public void signOutOfCkBoard(HttpServletRequest request) {
+    String ckSessionCookie = getCkSessionCookie(request);
+    HttpClient client = HttpClientBuilder.create().build();
+    HttpPost ckBoardLogoutRequest = new HttpPost(getCkBoardLogoutUrl());
+    ckBoardLogoutRequest.setHeader("Authorization", "Bearer " + ckSessionCookie);
+    try {
+      client.execute(ckBoardLogoutRequest);
+    } catch (IOException e) {
+      e.printStackTrace();
+    }
+  }
+
+  private String getCkBoardLogoutUrl() {
+    String ckBoardUrl = appProperties.getProperty("ck_board_url");
+
+    // The CK Board local backend url is only used for local development and should only be set in
+    // local development environments. When we are running locally, we need the local IP and port of
+    // the CK Board backend because the SCORE API is served using Docker. If the SCORE API makes a
+    // request to localhost:8001, it won't be able to access the CK Board backend. This is because
+    // the SCORE API expects localhost to be within the container but the CK Board backend is not in
+    // the container.
+    String ckBoardLocalBackendUrl = appProperties.getProperty("ck_board_local_backend_url");
+    if (ckBoardLocalBackendUrl != null && !ckBoardLocalBackendUrl.equals("")) {
+      ckBoardUrl = ckBoardLocalBackendUrl;
+    }
+    return ckBoardUrl + "/api/auth/logout";
+  }
+
+  private String getCkSessionCookie(HttpServletRequest request) {
+    Cookie[] cookies = request.getCookies();
+    for (Cookie cookie : cookies) {
+      if (cookie.getName().equals("CK_SESSION")) {
+        return cookie.getValue();
+      }
+    }
+    return null;
+  }
+
 }

src/main/java/org/wise/portal/spring/impl/WISELogoutHandler.java

@@ -38,8 +38,8 @@
 import org.springframework.session.Session;
 import org.wise.portal.service.session.SessionService;
 
-public class WISELogoutHandler<S extends Session> extends SecurityContextLogoutHandler implements
-    ApplicationListener<SessionDestroyedEvent> {
+public class WISELogoutHandler<S extends Session> extends SecurityContextLogoutHandler
+    implements ApplicationListener<SessionDestroyedEvent> {
 
   @Autowired
   protected SessionService sessionService;
@@ -49,6 +49,9 @@ public void logout(HttpServletRequest request, HttpServletResponse response,
       Authentication authentication) {
     if (authentication != null) {
       sessionService.removeUser((UserDetails) authentication.getPrincipal());
+      if (sessionService.isCkBoardAvailable()) {
+        sessionService.signOutOfCkBoard(request);
+      }
     }
     super.logout(request, response, authentication);
   }

src/main/resources/application-dockerdev-sample.properties

@@ -194,6 +194,9 @@ google.tokens.dir=
 ck_board_url=
 ck_board_sso_secret_key=
 
+# Only set this when in local development environment
+#ck_board_local_backend_url=
+
 # backwards compatibility purpose only.
 system-wide-salt=secret