From b34c4e104fe2827271b91d911ac993ced59f9fdc Mon Sep 17 00:00:00 2001
From: Scott Battaglia <scott.battaglia@gmail.com>
Date: Mon, 11 Aug 2014 23:04:24 -0400
Subject: [PATCH] Updated code to abstract the reflection logic a bit more
 behind a strategy interface.

---
 .../client/session/SingleSignOutHandler.java  | 47 +++++++++++++------
 1 file changed, 32 insertions(+), 15 deletions(-)

diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java
index 07264c3..fe4bbc1 100644
--- a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java
@@ -18,11 +18,11 @@
  */
 package org.jasig.cas.client.session;
 
-import java.lang.reflect.Method;
 import java.util.Arrays;
 import java.util.List;
 import java.util.zip.Inflater;
 
+import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
@@ -78,7 +78,7 @@ public final class SingleSignOutHandler {
 
     private List<String> safeParameters;
 
-    private Method httpRequestLogoutMethod = retrieveHttpRequestLogoutMethod();
+    private LogoutStrategy logoutStrategy = isServlet30() ? new Servlet30LogoutStrategy() : new Servlet25LogoutStrategy();
 
     public void setSessionMappingStorage(final SessionMappingStorage storage) {
         this.sessionMappingStorage = storage;
@@ -308,7 +308,7 @@ public final class SingleSignOutHandler {
                 } catch (final IllegalStateException e) {
                     logger.debug("Error invalidating session.", e);
                 }
-                executeHttpServletRequestLogoutIfPossible(request);
+                this.logoutStrategy.logout(request);
             }
         }
     }
@@ -344,21 +344,38 @@ public final class SingleSignOutHandler {
         return request.getContentType() != null && request.getContentType().toLowerCase().startsWith("multipart");
     }
 
-    private void executeHttpServletRequestLogoutIfPossible(final HttpServletRequest request) {
-        if (this.httpRequestLogoutMethod != null) {
+    private static boolean isServlet30() {
+        try {
+            return HttpServletRequest.class.getMethod("logout") != null;
+        } catch (final NoSuchMethodException e) {
+            return false;
+        }
+    }
+
+
+    /**
+     * Abstracts the ways we can force logout with the Servlet spec.
+     */
+    private interface LogoutStrategy {
+
+        void logout(HttpServletRequest request);
+    }
+
+    private class Servlet25LogoutStrategy implements LogoutStrategy {
+
+        public void logout(final HttpServletRequest request) {
+            // nothing additional to do here
+        }
+    }
+
+    private class Servlet30LogoutStrategy implements LogoutStrategy {
+
+        public void logout(final HttpServletRequest request) {
             try {
-                this.httpRequestLogoutMethod.invoke(request);
-            } catch (final Exception e) {
+                request.logout();
+            } catch (final ServletException e) {
                 logger.debug("Error performing request.logout.");
             }
         }
     }
-
-    private static Method retrieveHttpRequestLogoutMethod() {
-        try {
-            return HttpServletRequest.class.getMethod("logout");
-        } catch (final NoSuchMethodException e) {
-            return null;
-        }
-    }
 }