Skip to content

Commit

Permalink
Add configurable post_logout_redirect_uri
Browse files Browse the repository at this point in the history
  • Loading branch information
@VicDeo
VicDeo committed Jul 28, 2020
1 parent 013e0ba commit d5c733e
Show file tree
Hide file tree
Showing 3 changed files with 27 additions and 9 deletions.
1 change: 1 addition & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@ $CONFIG = [
'client-id' => 'fc9b5c78-ec73-47bf-befc-59d4fe780f6f',
'client-secret' => 'e3e5b04a-3c3c-4f4d-b16c-2a6e9fdd3cd1',
'loginButtonName' => 'OpenId Connect',
'post_logout_redirect_uri' => '...',
'provider-params' => [
'authorization_endpoint' => '...',
'token_endpoint' => '...',
Expand Down
4 changes: 3 additions & 1 deletion lib/SessionVerifier.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -145,7 +145,9 @@ public function afterLogout($accessToken, $idToken): void {
$this->session->remove('oca.openid-connect.refresh-token');
$this->session->remove('oca.openid-connect.id-token');
$this->logger->debug('OIDC Logout: ending session ' . $accessToken . ' id: ' . $idToken);
$this->client->signOut($idToken, null);
$openIdConfig = $this->client->getOpenIdConfig();
$redirectUri = $openIdConfig['post_logout_redirect_uri'] ?? null;
$this->client->signOut($idToken, $redirectUri);
} catch (OpenIDConnectClientException $ex) {
$this->logger->logException($ex);
}
Expand Down
31 changes: 23 additions & 8 deletions tests/unit/SessionVerifierTest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,23 +22,15 @@

namespace OCA\OpenIdConnect\Tests\Unit;

use http\Exception;
use OC\HintException;
use OCA\OpenIdConnect\Client;
use OCA\OpenIdConnect\EventHandler;
use OCA\OpenIdConnect\Logger;
use OCA\OpenIdConnect\SessionVerifier;
use OCP\ICache;
use OCP\ICacheFactory;
use OCP\IRequest;
use OCP\ISession;
use OCP\IUser;
use OCP\IUserSession;
use OCP\SabrePluginEvent;
use PHPUnit\Framework\MockObject\MockObject;
use Sabre\DAV\Auth\Plugin;
use Sabre\DAV\Server;
use Symfony\Component\EventDispatcher\Event;
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
use Test\TestCase;

Expand Down Expand Up @@ -209,4 +201,27 @@ public function testValidFreshAccessTokenWithIntrospection(): void {

$this->sessionVerifier->verifySession();
}

public function provideOpenIdConfig() {
return [
[null, null],
[[], null],
[['post_logout_redirect_uri' => null], null],
[['post_logout_redirect_uri' => 'http://localhost'], 'http://localhost'],
];
}

/**
* @dataProvider provideOpenIdConfig
* @param string[]|null $openIdConfig
* @param string $expectedLogoutRedirectUri
*/
public function testLogoutRedirect($openIdConfig, $expectedLogoutRedirectUri) {
$this->client->method('getOpenIdConfig')
->willReturn($openIdConfig);
$this->client->expects($this->once())
->method('signOut')
->with($this->anything(), $expectedLogoutRedirectUri);
$this->sessionVerifier->afterLogout('dummy', 'dummy');
}
}

0 comments on commit d5c733e

Please sign in to comment.