/**
* Endpoint for destroying SSO Sessions.
*
* @param type the type
* @return result map
*/
@RequestMapping(value = "/destroySsoSessions", method = RequestMethod.POST)
@ResponseBody
public Map<String, Object> destroySsoSessions(
@RequestParam(defaultValue = "ALL") final String type) {
final Map<String, Object> sessionsMap = new HashMap<>();
final Map<String, String> failedTickets = new HashMap<>();
final SsoSessionReportOptions option = SsoSessionReportOptions.valueOf(type);
final Collection<Map<String, Object>> collection = getActiveSsoSessions(option);
for (final Map<String, Object> sso : collection) {
final String ticketGrantingTicket =
sso.get(SsoSessionAttributeKeys.TICKET_GRANTING_TICKET.toString()).toString();
try {
this.centralAuthenticationService.destroyTicketGrantingTicket(ticketGrantingTicket);
} catch (final Exception e) {
LOGGER.error(e.getMessage(), e);
failedTickets.put(ticketGrantingTicket, e.getMessage());
}
}
if (failedTickets.isEmpty()) {
sessionsMap.put("status", HttpServletResponse.SC_OK);
} else {
sessionsMap.put("status", HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
sessionsMap.put("failedTicketGrantingTickets", failedTickets);
}
return sessionsMap;
}
/**
* Gets sso sessions.
*
* @param option the option
* @return the sso sessions
*/
private Collection<Map<String, Object>> getActiveSsoSessions(
final SsoSessionReportOptions option) {
final Collection<Map<String, Object>> activeSessions = new ArrayList<>();
final ISOStandardDateFormat dateFormat = new ISOStandardDateFormat();
for (final Ticket ticket : getNonExpiredTicketGrantingTickets()) {
final TicketGrantingTicket tgt = (TicketGrantingTicket) ticket;
if (option == SsoSessionReportOptions.DIRECT && tgt.getProxiedBy() != null) {
continue;
}
final Authentication authentication = tgt.getAuthentication();
final Principal principal = authentication.getPrincipal();
final Map<String, Object> sso = new HashMap<>(SsoSessionAttributeKeys.values().length);
sso.put(SsoSessionAttributeKeys.AUTHENTICATED_PRINCIPAL.toString(), principal.getId());
sso.put(
SsoSessionAttributeKeys.AUTHENTICATION_DATE.toString(),
authentication.getAuthenticationDate());
sso.put(
SsoSessionAttributeKeys.AUTHENTICATION_DATE_FORMATTED.toString(),
dateFormat.format(authentication.getAuthenticationDate()));
sso.put(SsoSessionAttributeKeys.NUMBER_OF_USES.toString(), tgt.getCountOfUses());
sso.put(SsoSessionAttributeKeys.TICKET_GRANTING_TICKET.toString(), tgt.getId());
sso.put(SsoSessionAttributeKeys.PRINCIPAL_ATTRIBUTES.toString(), principal.getAttributes());
sso.put(
SsoSessionAttributeKeys.AUTHENTICATION_ATTRIBUTES.toString(),
authentication.getAttributes());
if (option != SsoSessionReportOptions.DIRECT) {
if (tgt.getProxiedBy() != null) {
sso.put(SsoSessionAttributeKeys.IS_PROXIED.toString(), Boolean.TRUE);
sso.put(SsoSessionAttributeKeys.PROXIED_BY.toString(), tgt.getProxiedBy().getId());
} else {
sso.put(SsoSessionAttributeKeys.IS_PROXIED.toString(), Boolean.FALSE);
}
}
sso.put(SsoSessionAttributeKeys.AUTHENTICATED_SERVICES.toString(), tgt.getServices());
activeSessions.add(sso);
}
return activeSessions;
}
