1   /*
2    * Copyright 2018 LINE Corporation
3    *
4    * LINE Corporation licenses this file to you under the Apache License,
5    * version 2.0 (the "License"); you may not use this file except in compliance
6    * with the License. You may obtain a copy of the License at:
7    *
8    *   https://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12   * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13   * License for the specific language governing permissions and limitations
14   * under the License.
15   */
16  package com.linecorp.centraldogma.server.internal.admin.service;
17  
18  import static java.util.Objects.requireNonNull;
19  
20  import com.linecorp.armeria.common.HttpRequest;
21  import com.linecorp.armeria.common.HttpResponse;
22  import com.linecorp.armeria.common.HttpStatus;
23  import com.linecorp.armeria.common.RequestHeaders;
24  import com.linecorp.armeria.server.AbstractHttpService;
25  import com.linecorp.armeria.server.ServiceRequestContext;
26  import com.linecorp.armeria.server.auth.AuthTokenExtractors;
27  import com.linecorp.centraldogma.server.command.Command;
28  import com.linecorp.centraldogma.server.command.CommandExecutor;
29  import com.linecorp.centraldogma.server.internal.api.HttpApiUtil;
30  
31  public class DefaultLogoutService extends AbstractHttpService {
32  
33      private final CommandExecutor executor;
34  
35      public DefaultLogoutService(CommandExecutor executor) {
36          this.executor = requireNonNull(executor, "executor");
37      }
38  
39      @Override
40      protected HttpResponse doPost(ServiceRequestContext ctx, HttpRequest req) throws Exception {
41          return HttpResponse.from(
42                  req.aggregate()
43                     .thenApply(msg -> AuthTokenExtractors.oAuth2().apply(RequestHeaders.of(msg.headers())))
44                     .thenCompose(token -> {
45                         final String sessionId = token.accessToken();
46                         return executor.execute(Command.removeSession(sessionId));
47                     })
48                     .thenApply(unused -> HttpResponse.of(HttpStatus.OK))
49                     .exceptionally(cause -> HttpApiUtil.newResponse(ctx, HttpStatus.INTERNAL_SERVER_ERROR,
50                                                                     cause)));
51      }
52  }