From 4c0ff5d07dd6858c16036533cfc0354c2c2c7f23 Mon Sep 17 00:00:00 2001
From: "lin.ma" <lin.ma@zstack.io>
Date: Thu, 23 Oct 2025 11:15:56 +0800
Subject: [PATCH] <fix>[identity]: ValidateSession clear SSOToken

Resolves: ZSTAC-77432

Change-Id: I65796b67786879696f76626f6e62767674727272
(cherry picked from commit 588f2114a77e2461ba1f972281c61793a10dbd62)
---
 .../src/main/java/org/zstack/identity/Session.java     | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/identity/src/main/java/org/zstack/identity/Session.java b/identity/src/main/java/org/zstack/identity/Session.java
index fdc837f2d54..2b27931beef 100755
--- a/identity/src/main/java/org/zstack/identity/Session.java
+++ b/identity/src/main/java/org/zstack/identity/Session.java
@@ -40,6 +40,10 @@ public class Session implements Component {
     private DatabaseFacade dbf;
     @Autowired
     private EventFacade evtf;
+    @Autowired
+    private PluginRegistry pluginRgty;
+
+    private static List<LogoutExtensionPoint> logoutExtensionPoints;
 
     private Future<Void> expiredSessionCollector;
     private static Interner<String> sessionLock = Interners.newWeakInterner();
@@ -221,6 +225,11 @@ protected ErrorCode scripts() {
                     }
 
                     logout(s.getUuid());
+
+                    for (LogoutExtensionPoint ext : logoutExtensionPoints) {
+                        ext.beforeLogout(s);
+                    }
+
                     return err(IdentityErrors.INVALID_SESSION, "Session expired");
                 }
 
@@ -266,6 +275,7 @@ public boolean start() {
         setupGlobalConfig();
         startCleanUpStaleSessionTask();
         setupCanonicalEvents();
+        logoutExtensionPoints = pluginRgty.getExtensionList(LogoutExtensionPoint.class);
         return true;
     }