}catch(IOException ignore){
decodedRelayState = relayState;
}
ServletContext servletCtx = httpContext.getServletContext();
IdentityServer server = (IdentityServer) servletCtx.getAttribute("IDENTITY_SERVER");
if (server == null)
throw logger.samlHandlerIdentityServerNotFoundError();
String sessionID = httpSession.getId();
String statusIssuer = statusResponseType.getIssuer().getValue();
server.stack().deRegisterTransitParticipant(sessionID, statusIssuer);
String nextParticipant = this.getParticipant(server, sessionID, decodedRelayState);
if (nextParticipant == null || nextParticipant.equals(decodedRelayState)) {
// we are done with logout - First ask STS to cancel the token
AssertionType assertion = (AssertionType) httpSession.getAttribute(GeneralConstants.ASSERTION);
if (assertion != null) {
PicketLinkCoreSTS sts = PicketLinkCoreSTS.instance();
SAMLProtocolContext samlProtocolContext = new SAMLProtocolContext();
samlProtocolContext.setIssuedAssertion(assertion);
sts.cancelToken(samlProtocolContext);
httpSession.removeAttribute(GeneralConstants.ASSERTION);
}
// TODO: check the in transit map for partial logouts
try {
generateSuccessStatusResponseType(statusResponseType.getInResponseTo(), request, response, relayState);
boolean isPost = isPostBindingForResponse(server, relayState, request);
response.setPostBindingForResponse(isPost);
} catch (Exception e) {
throw logger.processingError(e);
}
Map<String, Object> requestOptions = request.getOptions();
PicketLinkAuditHelper auditHelper = (PicketLinkAuditHelper) requestOptions.get(GeneralConstants.AUDIT_HELPER);
if (auditHelper != null) {
PicketLinkAuditEvent auditEvent = new PicketLinkAuditEvent(AuditLevel.INFO);
auditEvent.setWhoIsAuditing((String) requestOptions.get(GeneralConstants.CONTEXT_PATH));
auditEvent.setType(PicketLinkAuditEventType.INVALIDATE_HTTP_SESSION);
auditEvent.setHttpSessionID(httpSession.getId());
auditHelper.audit(auditEvent);
}
httpSession.invalidate(); // We are done with the logout interaction
} else {
// Put the participant in transit mode
server.stack().registerTransitParticipant(sessionID, nextParticipant);
boolean isPost = isPostBindingForResponse(server, nextParticipant, request);
response.setPostBindingForResponse(isPost);
// send logout request to participant with relaystate to orig