Fix #11361 OAuth2 Logout and Exception Issue

.gitignore

@@ -109,4 +109,5 @@ Dockerfile.local
 security.properties
 *.crt
 *.key
-*~
+*~
+*.pem

src/main/java/org/cbioportal/security/config/CustomAuthenticationErrorEntryPoint.java

@@ -0,0 +1,21 @@
+package org.cbioportal.security.config;
+
+import java.io.IOException;
+
+import org.springframework.security.web.AuthenticationEntryPoint;
+
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+
+public class CustomAuthenticationErrorEntryPoint implements AuthenticationEntryPoint {
+
+	@Override
+	public void commence(HttpServletRequest request, HttpServletResponse response,
+			org.springframework.security.core.AuthenticationException authException)
+			throws IOException, ServletException {
+		response.sendRedirect(request.getContextPath() + "/login?error");
+
+	}
+
+}

src/main/java/org/cbioportal/security/config/OAuth2SecurityConfig.java

@@ -16,12 +16,10 @@
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
-import org.springframework.security.oauth2.client.oidc.web.logout.OidcClientInitiatedLogoutSuccessHandler;
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
 import org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority;
 import org.springframework.security.oauth2.core.user.OAuth2UserAuthority;
 import org.springframework.security.web.SecurityFilterChain;
-import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
 
 import java.util.ArrayList;
 import java.util.Collection;
@@ -45,7 +43,12 @@ public class OAuth2SecurityConfig {
     @Value("${spring.security.oauth2.client.jwt-roles-path:resource_access::cbioportal::roles}")
     private String jwtRolesPath;
 
+    private static final String LOGOUT_URL = "/logout";
+
     private static final String LOGIN_URL = "/login";
+
+    @Value("${oauth2.logout.url}")
+   	private String successfullLogoutUrl;
 
     @Bean
     @Order(1)
@@ -66,8 +69,10 @@ public SecurityFilterChain filterChain(HttpSecurity http, ClientRegistrationRepo
                     .failureUrl(LOGIN_URL + "?logout_failure")
             )
             .logout(logout -> logout
-                .logoutSuccessHandler(oidcLogoutSuccessHandler(clientRegistrationRepository))
-            );
+            		.logoutUrl(LOGOUT_URL)
+                    .logoutSuccessUrl(successfullLogoutUrl)
+                )
+            .exceptionHandling(ex -> ex.authenticationEntryPoint(new CustomAuthenticationErrorEntryPoint()));
         return http.build();
     }
 
@@ -102,13 +107,4 @@ private GrantedAuthoritiesMapper userAuthoritiesMapper() {
             return mappedAuthorities;
         };
     }
-
-    // See: https://docs.spring.io/spring-security/reference/5.7-SNAPSHOT/servlet/oauth2/login/advanced.html#oauth2login-advanced-oidc-logout
-    private LogoutSuccessHandler oidcLogoutSuccessHandler(ClientRegistrationRepository clientRegistrationRepository) {
-        OidcClientInitiatedLogoutSuccessHandler oidcLogoutSuccessHandler =
-            new OidcClientInitiatedLogoutSuccessHandler(clientRegistrationRepository);
-        oidcLogoutSuccessHandler.setPostLogoutRedirectUri("{baseUrl}");
-        return oidcLogoutSuccessHandler;
-    }
-
 }

src/test/java/org/cbioportal/test/integration/security/OAuth2AuthIntegrationTest.java

@@ -21,6 +21,7 @@
 )
 @TestPropertySource(
     properties = {
+    	"oauth2.logout.url=./",
         "authenticate=oauth2",
         "dat.method=oauth2",
         // DB settings (also see MysqlInitializer)