@sohalloran
Created October 21, 2019 11:06
<apex:page id="PersistentLoginPage"
applyBodyTag="false"
applyHtmlTag="false"
showHeader="false"
showChat="false"
sidebar="false"
standardStylesheets="false"
action="{!persistentLogin}"
controller="PersistentLoginController">
<!-- Login page. The page-level action (persistentLogin) runs on load, before the form is rendered; the form is shown when that action returns no redirect. -->
<html>
<head>
<meta charset="utf-8"/>
<meta http-equiv="X-UA-Compatible" content="IE=edge"/>
<meta name="viewport" content="width=device-width, initial-scale=1.0"/>
<title>Log In</title>
</head>
<body>
<div class="container">
<!-- forceSSL keeps the credential post on HTTPS. -->
<apex:form id="loginForm" forceSSL="true" styleClass="form-signin">
<div>
<apex:pageMessages showDetail="false" id="error"/>
<div>
<!-- NOTE(review): m is diagnostic text the controller fills from the token-endpoint response; replace with a generic message (or drop this block) outside of a demo. -->
{!m}
</div>
</div>
<div>
<apex:inputText required="true" id="login-email" styleClass="" value="{!username}" label="Username" html-placeholder="Username" />
</div>
<div>
<!-- NOTE(review): unlike the username field, the password field is not marked required. -->
<apex:inputSecret id="login-password" styleClass="" value="{!password}" label="Password" html-placeholder="Password"/>
</div>
<div>
<apex:commandButton action="{!login}" value="Log in" id="login-submit" styleClass=""/>
</div>
</apex:form>
</div>
</body>
</html>
</apex:page>
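/**
 * Visualforce controller for a site login page that keeps users logged in.
 *
 * After a successful Site.login() the controller signs a JWT for the user and stores it
 * in a Secure cookie named 'token'. On later visits persistentLogin() posts that JWT to
 * the site's OAuth token endpoint (JWT bearer grant) and, when an access token comes
 * back, redirects through frontdoor.jsp to establish a session.
 *
 * Security notes for anyone adapting this sample:
 *  - The cookie value is a bearer credential: whoever holds it can request a session
 *    until the JWT expires. Nothing in this class revokes an issued JWT.
 *  - The access token travels as the 'sid' query parameter of the frontdoor redirect,
 *    so it can appear wherever URLs are recorded.
 */
global with sharing class PersistentLoginController {
    // Placeholder issuer; replace with the connected app's consumer key.
    private static final String CLIENT_ID = 'CLIENT_ID';
    // Used both as the JWT validity length and as the cookie max-age.
    // NOTE(review): presumably seconds in both APIs; confirm before raising it.
    private static final Integer VALIDITY = 30;
    private static final String TOKEN_COOKIE = 'token';

    global String username {get; set;}
    // NOTE(review): consider marking this transient so the password is not retained
    // in view state between requests; confirm the form binding still works.
    global String password {get; set;}
    public String startURL {get; set;}
    // Status text rendered by the login page via {!m}.
    public String m {get; set;}

    /**
     * Reads the optional startURL query parameter, defaulting to the site root.
     */
    global PersistentLoginController() {
        // NOTE(review): startURL is caller-controlled and is forwarded to Site.login();
        // confirm the platform restricts it to this site, or validate it here.
        startURL = System.currentPageReference().getParameters().get('startURL');
        if (startURL == null) {
            startURL = '/';
        }
    }

    /**
     * Page action: exchanges the JWT held in the 'token' cookie for an access token.
     *
     * @return a redirect to frontdoor.jsp when the exchange succeeds; null (render the
     *         login form) when there is no usable cookie or the exchange fails.
     */
    global PageReference persistentLogin() {
        Cookie token = ApexPages.currentPage().getCookies().get(TOKEN_COOKIE);
        if (token == null || String.isBlank(token.getValue())) {
            return null;
        }

        String baseUrl = Site.getBaseSecureUrl();
        HttpRequest req = new HttpRequest();
        req.setMethod('POST');
        req.setEndpoint(baseUrl + '/services/oauth2/token');
        req.setHeader('Content-type', 'application/x-www-form-urlencoded');
        // The cookie value comes from the browser. Encode it so it stays a single form
        // value and cannot add or override parameters of the token request. A compact
        // JWT consists only of characters that urlEncode leaves unchanged.
        req.setBody('grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer&assertion='
            + EncodingUtil.urlEncode(token.getValue(), 'UTF-8'));

        HttpResponse res;
        try {
            res = new Http().send(req);
        } catch (System.CalloutException e) {
            // Token endpoint unreachable: fall back to the normal login form.
            return null;
        }

        // Only the status line is exposed to the page. The response body is kept out of
        // m because on success it contains the access token.
        m = res.getStatusCode() + ':' + res.getStatus();

        if (res.getStatusCode() != 200) {
            // Rejected assertion: expire the cookie so it is not retried on every visit.
            Cookie expired = new Cookie(TOKEN_COOKIE, null, null, 0, true);
            ApexPages.currentPage().setCookies(new Cookie[]{ expired });
            return null;
        }

        String accessToken = extractAccessToken(res.getBody());
        if (accessToken == null) {
            return null;
        }

        // Let PageReference encode the parameter instead of concatenating it into the URL.
        PageReference frontdoor = new PageReference(baseUrl + '/secur/frontdoor.jsp');
        frontdoor.getParameters().put('sid', accessToken);
        return frontdoor;
    }

    /**
     * Authenticates with Site.login() and, on success, issues the persistent-login cookie.
     *
     * @return the PageReference returned by Site.login(), or null when login fails.
     */
    global PageReference login() {
        PageReference loginResult = Site.login(username, password, startURL);
        if (loginResult != null) {
            Auth.JWT jwt = new Auth.JWT();
            jwt.setSub(username);
            jwt.setAud(Site.getBaseSecureUrl());
            jwt.setIss(CLIENT_ID);
            jwt.setValidityLength(VALIDITY);
            // 'CERT_NAME' is a placeholder for the certificate used to sign the JWT.
            Auth.JWS jws = new Auth.JWS(jwt, 'CERT_NAME');
            // Final argument true marks the cookie Secure.
            Cookie token = new Cookie(TOKEN_COOKIE, jws.getCompactSerialization(), null, VALIDITY, true);
            ApexPages.currentPage().setCookies(new Cookie[]{ token });
        }
        return loginResult;
    }

    // Returns the value following the first 'access_token' field name in the JSON body, or null.
    private static String extractAccessToken(String responseBody) {
        System.JSONParser parser = System.JSON.createParser(responseBody);
        while (parser.nextToken() != null) {
            if ((parser.getCurrentToken() == JSONToken.FIELD_NAME) && (parser.getText() == 'access_token')) {
                parser.nextToken();
                return parser.getText();
            }
        }
        return null;
    }
}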
<apex:page id="PersistentLogoutPage"
applyBodyTag="false"
applyHtmlTag="false"
showHeader="false"
showChat="false"
sidebar="false"
standardStylesheets="false"
action="{!persistentLogout}"
controller="PersistentLogoutController">
<!-- Logout page. The page-level action (persistentLogout) runs on load and returns a redirect, so the body below is intentionally empty. -->
<html>
<head>
<meta charset="utf-8"/>
<meta http-equiv="X-UA-Compatible" content="IE=edge"/>
<meta name="viewport" content="width=device-width, initial-scale=1.0"/>
<title>Log out</title>
</head>
<body>
</body>
</html>
</apex:page>
/**
 * Visualforce controller for the logout page: expires the persistent-login cookie in
 * the browser and sends the user back to the site's base URL.
 *
 * Only the browser's copy of the cookie is removed. The JWT issued by
 * PersistentLoginController.login() is not invalidated here, so a copy taken before
 * logout remains usable until its own expiry.
 */
global with sharing class PersistentLogoutController {
    global PersistentLogoutController() {
    }

    /**
     * Page action: overwrites the 'token' cookie with an already-expired one.
     *
     * @return a redirect to Site.getBaseSecureUrl().
     */
    global PageReference persistentLogout() {
        // Same name, path and Secure flag as the login cookie; max-age 0 expires it.
        Cookie expiredToken = new Cookie('token', null, null, 0, true);
        List<Cookie> outgoing = new List<Cookie>{ expiredToken };
        ApexPages.currentPage().setCookies(outgoing);
        String siteHome = Site.getBaseSecureUrl();
        return new PageReference(siteHome);
    }
}