cookie clear & ip support

maxkey-web-frontend/maxkey-web-app/src/app/routes/passport/logout.component.ts

@@ -19,6 +19,7 @@ import { ActivatedRoute, Router } from '@angular/router';
 import { ReuseTabService } from '@delon/abc/reuse-tab';
 import { DA_SERVICE_TOKEN, ITokenService } from '@delon/auth';
 import { SettingsService } from '@delon/theme';
+import { finalize } from 'rxjs/operators';
 
 import { AuthnService } from '../../service/authn.service';
 import { SocialsProviderService } from '../../service/socials-provider.service';
@@ -44,12 +45,20 @@ export class LogoutComponent implements OnInit {
 
   ngOnInit(): void {
     this.redirect_uri = this.route.snapshot.params[CONSTS.REDIRECT_URI];
-    this.authnService.logout();
-    this.tokenService.clear();
-    if (this.redirect_uri == null || this.redirect_uri == '') {
-      this.router.navigateByUrl(this.tokenService.login_url!);
-    } else {
-      this.router.navigateByUrl(this.redirect_uri);
-    }
+    this.authnService
+      .logout()
+      .pipe(
+        finalize(() => {
+          this.tokenService.clear();
+          if (this.redirect_uri == null || this.redirect_uri == '') {
+            this.router.navigateByUrl(this.tokenService.login_url!);
+          } else {
+            this.router.navigateByUrl(this.redirect_uri);
+          }
+        })
+      )
+      .subscribe(res => {
+        console.log(`Logout Response ${res.data}`);
+      });
   }
 }

maxkey-web-frontend/maxkey-web-app/src/app/service/authn.service.ts

@@ -63,14 +63,24 @@ export class AuthnService {
 
   //退出
   logout() {
-    this.cookieService.delete(CONSTS.CONGRESS);
-    return this.http.get('/login/logout');
+    this.cookieService.delete(CONSTS.CONGRESS, '/');
+    this.cookieService.delete(CONSTS.ONLINE_TICKET, '/', this.getSubHostName());
+    return this.http.get('/logout');
   }
 
   congress(authParam: any) {
     return this.http.post('/login/congress?_allow_anonymous=true', authParam);
   }
 
+  getSubHostName(): string {
+    let hostnames = window.location.hostname.split('.');
+    let subHostName = window.location.hostname;
+    if (hostnames.length >= 2 && !CONSTS.IP_V4_REGEXEXP.test(subHostName)) {
+      subHostName = `${hostnames[hostnames.length - 2]}.${hostnames[hostnames.length - 1]}`;
+    }
+    return subHostName;
+  }
+
   clear() {
     this.tokenService.clear();
     localStorage.setItem(CONSTS.REMEMBER, '');
@@ -92,14 +102,8 @@ export class AuthnService {
       passwordSetType: authJwt.passwordSetType
     };
 
-    let hostnames = window.location.hostname.split('.');
-    let subHostName = window.location.hostname;
-    if (hostnames.length >= 2) {
-      subHostName = `${hostnames[hostnames.length - 2]}.${hostnames[hostnames.length - 1]}`;
-    }
-
     this.cookieService.set(CONSTS.CONGRESS, authJwt.token, { path: '/' });
-    this.cookieService.set(CONSTS.ONLINE_TICKET, authJwt.ticket, { domain: subHostName, path: '/' });
+    this.cookieService.set(CONSTS.ONLINE_TICKET, authJwt.ticket, { domain: this.getSubHostName(), path: '/' });
 
     if (authJwt.remeberMe) {
       localStorage.setItem(CONSTS.REMEMBER, authJwt.remeberMe);

maxkey-web-frontend/maxkey-web-app/src/app/shared/consts.ts

@@ -15,6 +15,11 @@
  */
 
 export const CONSTS = {
+    // Regular expression to check if string is a IP v4 address
+    IP_V4_REGEXEXP: /^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$/gi,
+    // Regular expression to check if string is a IPv6 address
+    IP_V6_REGEXEXP:
+        /(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))/gi,
     INST: 'inst',
     CONGRESS: 'congress',
     ONLINE_TICKET: 'online_ticket',

maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java

@@ -136,7 +136,10 @@ public class MaxKeyMvcConfig implements WebMvcConfigurer {
                 .addPathPatterns("/authz/credential/**")
                 .addPathPatterns("/authz/oauth/v20/approval_confirm/**")
         		.addPathPatterns("/authz/oauth/v20/authorize/approval/**")
-        		.addPathPatterns("/logon/oauth20/bind/**");
+        		.addPathPatterns("/logon/oauth20/bind/**")
+        		.addPathPatterns("/logout")
+                .addPathPatterns("/logout/**")
+                ;
         
         _logger.debug("add Permission Interceptor");
         

maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/MaxKeyMgtMvcConfig.java

@@ -114,6 +114,8 @@ public class MaxKeyMgtMvcConfig implements WebMvcConfigurer {
                 
                 .addPathPatterns("/file/upload/")
                 
+                .addPathPatterns("/logout")
+                .addPathPatterns("/logout/**")
                 ;
         
         _logger.debug("add PermissionAdapter");