gerrit/gerrit-httpd
Luca Milanesio 45da618565 Allow to listen to Web login/logout events
When using Gerrit with external authentication systems (OAuth or other)
it would be necessary to enforce additional requirements (e.g. 2-factor)
or introduce some plug-in specific post-login screen for finalising
the user's onboarding.

Similarly, when the user logs out, we may need to invalidate their token
from an external SSO system or to perform some other plugin-specific
operations or even simply request feedback.

With the introduction of this new extension point WebLoginListener
it is possible to filter the HTTP response and override the status
code to redirect or perform additional adjustments to comply with
the company or the plugin's requirements.

It is possible to experiment with this new extension with a simple
Groovy scripting plugin (see below).

```
import com.google.gerrit.extensions.annotations.*
import javax.servlet.http.*
import com.google.inject.*
import com.google.gerrit.httpd.*
import com.google.gerrit.server.*

@Singleton
@Listen
public class MyPostLogin implements WebLoginListener {

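  // Invoked on Web login: log the user and redirect the
  // response to the external second-step authentication page.
  public void onLogin(IdentifiedUser user,
                      HttpServletRequest req,
                      HttpServletResponse resp) {
    println "Post-login user=$user"
    resp.sendRedirect("https://twophase.mycompany.com/auth")
  }

  // Invoked on Web logout: log the user and redirect the
  // response to the external SSO logout page.
  public void onLogout(IdentifiedUser user,
                       HttpServletRequest req,
                       HttpServletResponse resp) {
    println "Post-logout user=$user"
    resp.sendRedirect("https://ssologout.mycompany.com")
  }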
}
```

Change-Id: I76e8ec040072e317061234665a0d865927da55b9
2016-10-25 08:00:28 +01:00