OidcLogoutV1 (stSoftware API)

java.lang.Object
- com.aspc.cms.rest.plugin.oidc.OidcLogoutV1

All Implemented Interfaces:

RestPluginProcess, RestPluginThrottling
```
public class OidcLogoutV1
extends java.lang.Object
implements RestPluginProcess, RestPluginThrottling
```
REST plugin that clears the user's OIDC session by removing the refresh token cookie and returning the Cognito logout URL for optional full single sign-out.
Endpoint: POST /oidc/logout

The frontend calls this endpoint when the user initiates logout. The refresh token cookie is cleared, and the response includes the Cognito logout URL so the frontend can optionally redirect the user for full SSO logout (clearing Cognito's session cookie as well).

Logout is idempotent — it always succeeds even if no refresh token cookie is present.

Author:

Claude

Field Summary

Fields
Modifier and Type	Field and Description
`static int`	`RATE_LIMIT_PERIOD_SECONDS` Throttling period in seconds (1 minute).
`static int`	`RATE_LIMIT_REQUESTS` Maximum requests per throttling period.

Constructor Summary

Constructors
Constructor and Description

OidcLogoutV1()

Constructors
Constructor and Description
`OidcLogoutV1()`

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`static java.lang.String`	`buildCognitoLogoutUrl(java.lang.String logoutEndpoint, java.lang.String clientId, java.lang.String logoutUri)` Builds the Cognito logout URL with the required `client_id` and `logout_uri` query parameters.
`static JSONObject`	`buildLogoutResponse(java.lang.String cognitoLogoutUrl)` Builds the JSON logout response returned to the frontend.
`java.lang.String`	`getCounterKey(WebClient client, RestDefinition restDefinition)` get the key of the throttling counter, the key has to be shorter than 255 characters
`int`	`getPeriod(WebClient client, RestDefinition rd)` get the throttling period in seconds
`int`	`getRequestLimit(WebClient client, RestDefinition rd)` -1 is no limit 0 is always reject n is allow n requests in each throttling period
`java.lang.Object`	`restCreate(WebClient client, RestDefinition restDefinition, MutableDataSource mds)` HTTP POST calls the the Create ReST service.
`java.lang.Object`	`restDelete(WebClient client, RestDefinition restDefinition, MutableDataSource mds)` HTTP DELETE calls the the Delete ReST service.
`java.lang.Object`	`restRetrieve(WebClient client, RestDefinition restDefinition, ReadOnlyDataSource rds)` HTTP GET calls the the Retrieval ReST service.
`java.lang.Object`	`restUpdate(WebClient client, RestDefinition restDefinition, MutableDataSource mds)` HTTP PUT calls the the Update ReST service.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail
- RATE_LIMIT_REQUESTS
```
public static final int RATE_LIMIT_REQUESTS
```
  Maximum requests per throttling period.
  
  See Also:
  
  Constant Field Values
- RATE_LIMIT_PERIOD_SECONDS
```
public static final int RATE_LIMIT_PERIOD_SECONDS
```
  Throttling period in seconds (1 minute).
  
  See Also:
  
  Constant Field Values

Constructor Detail
- OidcLogoutV1
```
public OidcLogoutV1()
```

Method Detail

restRetrieve

@CheckReturnValue
 @Nonnull
public java.lang.Object restRetrieve(@Nonnull
                                                                 WebClient client,
                                                                 @Nonnull
                                                                 RestDefinition restDefinition,
                                                                 @Nonnull
                                                                 ReadOnlyDataSource rds)
                                                          throws java.lang.Exception

Description copied from interface: RestPluginProcess

HTTP GET calls the the Retrieval ReST service.

Specified by:: restRetrieve in interface RestPluginProcess
Parameters:: client - the client. Null means check only of ops; restDefinition - the definition; rds - the data source to use
Returns:: the JSON object/array if processed.
Throws:: java.lang.UnsupportedOperationException - if this method is NOT supported.; java.lang.Exception - an error has occurred.

restCreate

@CheckReturnValue
 @Nonnull
public java.lang.Object restCreate(@Nonnull
                                                               WebClient client,
                                                               @Nonnull
                                                               RestDefinition restDefinition,
                                                               @Nonnull
                                                               MutableDataSource mds)
                                                        throws java.lang.Exception

Description copied from interface: RestPluginProcess

HTTP POST calls the the Create ReST service.

Specified by:: restCreate in interface RestPluginProcess
Parameters:: client - the client. Null means check only of ops; restDefinition - the definition; mds - the data source to use
Returns:: the JSON object/array if processed.
Throws:: java.lang.UnsupportedOperationException - if this method is NOT supported.; ExceptionResponse - an error has occurred.; java.lang.Exception

restUpdate

@CheckReturnValue
 @Nonnull
public java.lang.Object restUpdate(@Nonnull
                                                               WebClient client,
                                                               @Nonnull
                                                               RestDefinition restDefinition,
                                                               @Nonnull
                                                               MutableDataSource mds)
                                                        throws java.lang.Exception

Description copied from interface: RestPluginProcess

HTTP PUT calls the the Update ReST service.

Specified by:: restUpdate in interface RestPluginProcess
Parameters:: client - the client. Null means check only of ops; restDefinition - the definition; mds - the data source to use
Returns:: the JSON object/array if processed.
Throws:: java.lang.UnsupportedOperationException - if this method is NOT supported.; ExceptionResponse - an error has occurred.; java.lang.Exception

restDelete

@CheckReturnValue
 @Nonnull
public java.lang.Object restDelete(@Nonnull
                                                               WebClient client,
                                                               @Nonnull
                                                               RestDefinition restDefinition,
                                                               @Nonnull
                                                               MutableDataSource mds)
                                                        throws java.lang.Exception

Description copied from interface: RestPluginProcess

HTTP DELETE calls the the Delete ReST service.

Specified by:: restDelete in interface RestPluginProcess
Parameters:: client - the client. Null means check only of ops; restDefinition - the definition; mds - the data source to use.
Returns:: the JSON object/array if processed.
Throws:: java.lang.UnsupportedOperationException - if this method is NOT supported.; ExceptionResponse - an error has occurred.; java.lang.Exception

getCounterKey

@CheckReturnValue
 @Nullable
public java.lang.String getCounterKey(@Nonnull
                                                                   WebClient client,
                                                                   @Nonnull
                                                                   RestDefinition restDefinition)
                                                            throws java.lang.Exception

Description copied from interface: RestPluginThrottling

get the key of the throttling counter, the key has to be shorter than 255 characters

Specified by:: getCounterKey in interface RestPluginThrottling
Parameters:: client - the client. Null means check only of ops; restDefinition - the definition
Returns:: The throttling counter key. Does NOT throttling if this method return null or empty string
Throws:: java.lang.UnsupportedOperationException - if this method is NOT supported.; java.lang.Exception - an error has occurred.

getRequestLimit
```
public int getRequestLimit(@Nonnull
                           WebClient client,
                           @Nonnull
                           RestDefinition rd)
                    throws java.lang.Exception
```
Description copied from interface: RestPluginThrottling

-1 is no limit 0 is always reject n is allow n requests in each throttling period

Specified by:

getRequestLimit in interface RestPluginThrottling

Parameters:

client - the client. Null means check only of ops

rd - the definition

Returns:

Throws:

java.lang.UnsupportedOperationException - use default throttling settings configured in RestDefinition record

java.lang.Exception

getPeriod
```
public int getPeriod(@Nonnull
                     WebClient client,
                     @Nonnull
                     RestDefinition rd)
              throws java.lang.Exception
```
Description copied from interface: RestPluginThrottling

get the throttling period in seconds

Specified by:

getPeriod in interface RestPluginThrottling

Parameters:

client - the client. Null means check only of ops

rd - the definition

Returns:

Throws:

java.lang.UnsupportedOperationException - use default throttling settings configured in RestDefinition record

java.lang.Exception

buildLogoutResponse

@CheckReturnValue
 @Nonnull
public static JSONObject buildLogoutResponse(@Nonnull
                                                                         java.lang.String cognitoLogoutUrl)

Builds the JSON logout response returned to the frontend.

Parameters:: cognitoLogoutUrl - the Cognito logout URL for optional SSO logout
Returns:: the JSON response object

buildCognitoLogoutUrl

@CheckReturnValue
 @Nonnull
public static java.lang.String buildCognitoLogoutUrl(@Nonnull
                                                                                 java.lang.String logoutEndpoint,
                                                                                 @Nonnull
                                                                                 java.lang.String clientId,
                                                                                 @Nonnull
                                                                                 java.lang.String logoutUri)

Builds the Cognito logout URL with the required client_id and logout_uri query parameters.

Parameters:: logoutEndpoint - the Cognito logout endpoint base URL; clientId - the Cognito app client ID; logoutUri - the URI to redirect to after Cognito logout
Returns:: the complete Cognito logout URL

Class OidcLogoutV1

Endpoint: `POST /oidc/logout`

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

RATE_LIMIT_REQUESTS

RATE_LIMIT_PERIOD_SECONDS

Constructor Detail

OidcLogoutV1

Method Detail

restRetrieve

restCreate

restUpdate

restDelete

getCounterKey

getRequestLimit

getPeriod

buildLogoutResponse

buildCognitoLogoutUrl

Class OidcLogoutV1

Endpoint: POST /oidc/logout

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

RATE_LIMIT_REQUESTS

RATE_LIMIT_PERIOD_SECONDS

Constructor Detail

OidcLogoutV1

Method Detail

restRetrieve

restCreate

restUpdate

restDelete

getCounterKey

getRequestLimit

getPeriod

buildLogoutResponse

buildCognitoLogoutUrl

Endpoint: `POST /oidc/logout`