From 30eacaa8a49b215bfcd94ba1dfdb2543e9f38ddf Mon Sep 17 00:00:00 2001 From: Juleen Graham Date: Fri, 14 Aug 2020 02:54:51 -0400 Subject: [PATCH 1/5] log out of oidc on galaxy logout --- client/src/layout/menu.js | 18 +++++++++++++++++- .../webapps/galaxy/controllers/authnz.py | 1 + 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/client/src/layout/menu.js b/client/src/layout/menu.js index a406641c8968..3b698315cd66 100644 --- a/client/src/layout/menu.js +++ b/client/src/layout/menu.js @@ -1,6 +1,8 @@ import axios from "axios"; import { getGalaxyInstance } from "app"; import _l from "utils/localization"; +import { CommunicationServerView } from "layout/communication-server-view"; +import { getIdentityProviders } from "components/User/ExternalIdentities/service"; const POST_LOGOUT_URL = "root/login?is_logout_redirect=true"; @@ -12,6 +14,12 @@ export function userLogout(logoutAll = false) { const galaxy = getGalaxyInstance(); const session_csrf_token = galaxy.session_csrf_token; const url = `${galaxy.root}user/logout?session_csrf_token=${session_csrf_token}&logout_all=${logoutAll}`; + + var identities; + getIdentityProviders() + .then((results) => { + identities = results; + }); axios .get(url) .then((response) => { @@ -20,7 +28,15 @@ export function userLogout(logoutAll = false) { } // Check if we need to logout of OIDC IDP if (galaxy.config.enable_oidc) { - return axios.get(`${galaxy.root}authnz/logout`); + const email = galaxy.user.attributes.email; + var provider; + for (var i = 0; i < identities.length; i++) { + if (identities[i].email == email) { + provider = identities[i].provider; + break; + } + } + return axios.get(`${galaxy.root}authnz/${provider}/logout`); } else { // Otherwise pass through the initial logout response return response; diff --git a/lib/galaxy/webapps/galaxy/controllers/authnz.py b/lib/galaxy/webapps/galaxy/controllers/authnz.py index 2b07af637f82..eb39cb6a3c5f 100644 --- a/lib/galaxy/webapps/galaxy/controllers/authnz.py +++ b/lib/galaxy/webapps/galaxy/controllers/authnz.py @@ -142,6 +142,7 @@ def disconnect(self, trans, provider, email=None, **kwargs): return trans.response.send_redirect(redirect_url) @web.json + @web.expose def logout(self, trans, provider, **kwargs): post_logout_redirect_url = trans.request.base + url_for('/') + 'root/login?is_logout_redirect=true' success, message, redirect_uri = trans.app.authnz_manager.logout(provider, From 857508d059e003ecc3ab523901bac0ca8749479b Mon Sep 17 00:00:00 2001 From: Juleen Graham Date: Tue, 25 Aug 2020 07:10:14 -0400 Subject: [PATCH 2/5] prettier --- client/src/layout/menu.js | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/client/src/layout/menu.js b/client/src/layout/menu.js index 3b698315cd66..ac661c00636a 100644 --- a/client/src/layout/menu.js +++ b/client/src/layout/menu.js @@ -14,12 +14,11 @@ export function userLogout(logoutAll = false) { const galaxy = getGalaxyInstance(); const session_csrf_token = galaxy.session_csrf_token; const url = `${galaxy.root}user/logout?session_csrf_token=${session_csrf_token}&logout_all=${logoutAll}`; - + var identities; - getIdentityProviders() - .then((results) => { - identities = results; - }); + getIdentityProviders().then((results) => { + identities = results; + }); axios .get(url) .then((response) => { From d6c019306d297eda5357df1380f645f7c95e219a Mon Sep 17 00:00:00 2001 From: Juleen Graham Date: Tue, 10 Nov 2020 00:47:52 -0500 Subject: [PATCH 3/5] remove unnecessary import --- client/src/layout/menu.js | 1 - 1 file changed, 1 deletion(-) diff --git a/client/src/layout/menu.js b/client/src/layout/menu.js index ac661c00636a..b8c34002855e 100644 --- a/client/src/layout/menu.js +++ b/client/src/layout/menu.js @@ -1,7 +1,6 @@ import axios from "axios"; import { getGalaxyInstance } from "app"; import _l from "utils/localization"; -import { CommunicationServerView } from "layout/communication-server-view"; import { getIdentityProviders } from "components/User/ExternalIdentities/service"; const POST_LOGOUT_URL = "root/login?is_logout_redirect=true"; From 347388326eef37e6555aca005d9bab30ab1b8e88 Mon Sep 17 00:00:00 2001 From: Juleen Graham Date: Wed, 13 Jan 2021 16:30:36 -0500 Subject: [PATCH 4/5] Implement logout without extra api call utilise localStorage --- .../User/ExternalIdentities/ExternalLogin.vue | 1 + client/src/layout/menu.js | 18 +++++------------- .../webapps/galaxy/controllers/authnz.py | 4 ++-- 3 files changed, 8 insertions(+), 15 deletions(-) diff --git a/client/src/components/User/ExternalIdentities/ExternalLogin.vue b/client/src/components/User/ExternalIdentities/ExternalLogin.vue index e99a1a5d1104..d6b0297fc6d3 100644 --- a/client/src/components/User/ExternalIdentities/ExternalLogin.vue +++ b/client/src/components/User/ExternalIdentities/ExternalLogin.vue @@ -173,6 +173,7 @@ export default { axios .post(`${rootUrl}authnz/${idp}/login/?idphint=${this.selected.EntityID}`) .then((response) => { + localStorage.setItem("galaxy-provider", idp); if (response.data.redirect_uri) { window.location = response.data.redirect_uri; } diff --git a/client/src/layout/menu.js b/client/src/layout/menu.js index b8c34002855e..2c540e504648 100644 --- a/client/src/layout/menu.js +++ b/client/src/layout/menu.js @@ -13,11 +13,6 @@ export function userLogout(logoutAll = false) { const galaxy = getGalaxyInstance(); const session_csrf_token = galaxy.session_csrf_token; const url = `${galaxy.root}user/logout?session_csrf_token=${session_csrf_token}&logout_all=${logoutAll}`; - - var identities; - getIdentityProviders().then((results) => { - identities = results; - }); axios .get(url) .then((response) => { @@ -26,15 +21,12 @@ export function userLogout(logoutAll = false) { } // Check if we need to logout of OIDC IDP if (galaxy.config.enable_oidc) { - const email = galaxy.user.attributes.email; - var provider; - for (var i = 0; i < identities.length; i++) { - if (identities[i].email == email) { - provider = identities[i].provider; - break; - } + const provider = localStorage.getItem("galaxy-provider"); + if (provider) { + localStorage.removeItem("galaxy-provider"); + return axios.get(`${galaxy.root}authnz/logout?provider=${provider}`); } - return axios.get(`${galaxy.root}authnz/${provider}/logout`); + return axios.get(`${galaxy.root}authnz/logout`); } else { // Otherwise pass through the initial logout response return response; diff --git a/lib/galaxy/webapps/galaxy/controllers/authnz.py b/lib/galaxy/webapps/galaxy/controllers/authnz.py index eb39cb6a3c5f..5b64509ece94 100644 --- a/lib/galaxy/webapps/galaxy/controllers/authnz.py +++ b/lib/galaxy/webapps/galaxy/controllers/authnz.py @@ -154,8 +154,8 @@ def logout(self, trans, provider, **kwargs): return {'message': message} @web.expose - def get_logout_url(self, trans, **kwargs): - idp_provider = trans.get_cookie(name=PROVIDER_COOKIE_NAME) + def get_logout_url(self, trans, provider=None, **kwargs): + idp_provider = provider if provider else trans.get_cookie(name=PROVIDER_COOKIE_NAME) if idp_provider: return trans.response.send_redirect(url_for(controller='authnz', action='logout', provider=idp_provider)) From a8a581b30b383617ee7f208992813cf78042137c Mon Sep 17 00:00:00 2001 From: Juleen Graham Date: Wed, 13 Jan 2021 16:54:25 -0500 Subject: [PATCH 5/5] fix jslint error --- client/src/layout/menu.js | 1 - 1 file changed, 1 deletion(-) diff --git a/client/src/layout/menu.js b/client/src/layout/menu.js index 2c540e504648..c875cdf9c561 100644 --- a/client/src/layout/menu.js +++ b/client/src/layout/menu.js @@ -1,7 +1,6 @@ import axios from "axios"; import { getGalaxyInstance } from "app"; import _l from "utils/localization"; -import { getIdentityProviders } from "components/User/ExternalIdentities/service"; const POST_LOGOUT_URL = "root/login?is_logout_redirect=true";