Skip to content

Commit e7a41b4

Browse files
authored
Call end_session_endpoint in IDP provider when login out from Console (#2476)
1 parent 262a601 commit e7a41b4

File tree

13 files changed

+243
-7
lines changed

13 files changed

+243
-7
lines changed

integration/login_test.go

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -116,8 +116,8 @@ func TestLogout(t *testing.T) {
116116
log.Println("authentication token not found in cookies response")
117117
return
118118
}
119-
120-
request, err = http.NewRequest("POST", "http://localhost:9090/api/v1/logout", requestDataBody)
119+
logoutRequest := bytes.NewReader([]byte("{}"))
120+
request, err = http.NewRequest("POST", "http://localhost:9090/api/v1/logout", logoutRequest)
121121
if err != nil {
122122
log.Println(err)
123123
return
@@ -126,7 +126,6 @@ func TestLogout(t *testing.T) {
126126
request.Header.Add("Content-Type", "application/json")
127127

128128
response, err = client.Do(request)
129-
130129
assert.NotNil(response, "Logout response is nil")
131130
assert.Nil(err, "Logout errored out")
132131
assert.Equal(response.StatusCode, 200)

models/login_response.go

Lines changed: 3 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

models/logout_request.go

Lines changed: 67 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

pkg/auth/idp/oauth2/config.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -37,6 +37,7 @@ type ProviderConfig struct {
3737
Userinfo bool
3838
RedirectCallbackDynamic bool
3939
RedirectCallback string
40+
EndSessionEndpoint string
4041
RoleArn string // can be empty
4142
}
4243

pkg/auth/idp/oauth2/provider.go

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -110,6 +110,7 @@ type Provider struct {
110110
IDPName string
111111
// if enabled means that we need extrace access_token as well
112112
UserInfo bool
113+
RefreshToken string
113114
oauth2Config Configuration
114115
provHTTPClient *http.Client
115116
}
@@ -319,6 +320,7 @@ func (client *Provider) VerifyIdentity(ctx context.Context, code, state, roleARN
319320
getWebTokenExpiry := func() (*credentials.WebIdentityToken, error) {
320321
customCtx := context.WithValue(ctx, oauth2.HTTPClient, client.provHTTPClient)
321322
oauth2Token, err := client.oauth2Config.Exchange(customCtx, code)
323+
client.RefreshToken = oauth2Token.RefreshToken
322324
if err != nil {
323325
return nil, err
324326
}

portal-ui/src/common/utils.ts

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -84,7 +84,9 @@ export const deleteCookie = (name: string) => {
8484

8585
export const clearSession = () => {
8686
storage.removeItem("token");
87+
storage.removeItem("auth-state");
8788
deleteCookie("token");
89+
deleteCookie("idp-refresh-token");
8890
};
8991

9092
// timeFromDate gets time string from date input

portal-ui/src/screens/LoginPage/LoginCallback.tsx

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -142,6 +142,9 @@ const LoginCallback = ({ classes }: ILoginCallBackProps) => {
142142
targetPath = `${localStorage.getItem("redirect-path")}`;
143143
localStorage.setItem("redirect-path", "");
144144
}
145+
if (state) {
146+
localStorage.setItem("auth-state", state);
147+
}
145148
setLoading(false);
146149
navigate(targetPath);
147150
})

portal-ui/src/screens/LogoutPage/LogoutPage.tsx

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -35,8 +35,9 @@ const LogoutPage = () => {
3535
dispatch(resetSession());
3636
navigate(`login`);
3737
};
38+
const state = localStorage.getItem("auth-state");
3839
api
39-
.invoke("POST", `/api/v1/logout`)
40+
.invoke("POST", `/api/v1/logout`, { state })
4041
.then(() => {
4142
deleteSession();
4243
})

restapi/embedded_spec.go

Lines changed: 42 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

restapi/operations/auth/logout_parameters.go

Lines changed: 38 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)