mosip · urviljoshi · May 19, 2022 · May 19, 2022
diff --git a/...y-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/controller/LoginController.java b/...y-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/controller/LoginController.java
@@ -1,6 +1,8 @@
 package io.mosip.kernel.authcodeflowproxy.api.controller;
 
 import java.io.IOException;
+import java.net.URLEncoder;
+import java.nio.charset.StandardCharsets;
 import java.util.List;
 import java.util.UUID;
 
@@ -19,6 +21,10 @@
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.util.UriComponentsBuilder;
+
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.interfaces.DecodedJWT;
 
 import io.mosip.kernel.authcodeflowproxy.api.constants.Errors;
 import io.mosip.kernel.authcodeflowproxy.api.dto.AccessTokenResponseDTO;
@@ -29,6 +35,7 @@
 import io.mosip.kernel.core.authmanager.model.AuthResponseDto;
 import io.mosip.kernel.core.http.ResponseFilter;
 import io.mosip.kernel.core.http.ResponseWrapper;
+import io.mosip.kernel.core.util.CryptoUtil;
 import io.mosip.kernel.core.util.EmptyCheckUtils;
 
 @RestController
@@ -136,4 +143,22 @@ public ResponseWrapper<AuthResponseDto> logoutUser(
 		responseWrapper.setResponse(authResponseDto);
 		return responseWrapper;
 	}
+
+	@ResponseFilter
+	@DeleteMapping(value = "session/logout/user")
+	public void logoutUser(
+			@CookieValue(value = "Authorization", required = false) String token,@RequestParam(name = "redirecturi", required = false) String redirectURI, HttpServletResponse res) throws IOException {
+		String issuer = getissuer(token);
+		StringBuilder urlBuilder = new StringBuilder().append(issuer).append("/protocol/openid-connect/logout");
+		UriComponentsBuilder uriComponentsBuilder = UriComponentsBuilder.fromUriString(urlBuilder.toString())
+				.queryParam("post_logout_redirect_uri", URLEncoder.encode(new String(CryptoUtil.decodeURLSafeBase64(redirectURI)), StandardCharsets.UTF_8.toString()));
+		res.setStatus(302);
+		res.sendRedirect(uriComponentsBuilder.toString());
+	}
+
+	public String getissuer(String token) {
+		DecodedJWT decodedJWT = JWT.decode(token);
+		return decodedJWT.getClaim("iss").asString();
+	}
+
 }