'Logging out with SpringBoot and Goolge doesn't work
I have an app where I can log in via Google oauth. That works so far. The only problem is that when I click on a button (logout), I'm not logged out of Google, as should be expected. I can then simply launch the app normally, as if I had previously logged in. Only when I explicitly log out under Google does the login work again.
Here's my code:
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/", "/login", "/oauth/**").permitAll().anyRequest().authenticated().and()
.formLogin().permitAll().loginPage("/login").usernameParameter("email").passwordParameter("pass")
.defaultSuccessUrl("/list").and().oauth2Login().loginPage("/login").userInfoEndpoint()
.userService(oauthUserService).and().successHandler(new AuthenticationSuccessHandler() {
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
Authentication authentication) throws IOException, ServletException {
System.out.println("AuthenticationSuccessHandler invoked");
System.out.println("Authentication name: " + authentication.getName());
CustomOAuth2User oauthUser = (CustomOAuth2User) authentication.getPrincipal();
userService.processOAuthPostLogin(oauthUser.getEmail());
response.sendRedirect("/list");
}
})
// .defaultSuccessUrl("/list")
.and().logout().logoutSuccessHandler(oidcLogoutSuccessHandler()).invalidateHttpSession(true).clearAuthentication(true).deleteCookies("JSESSIONID").and().oauth2Login();
}
private OidcClientInitiatedLogoutSuccessHandler oidcLogoutSuccessHandler() {
OidcClientInitiatedLogoutSuccessHandler successHandler = new OidcClientInitiatedLogoutSuccessHandler(clientRegistrationRepository);
successHandler.setPostLogoutRedirectUri(URI.create("http://localhost:8080/login"));
return successHandler;
}
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|