Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion packages/passport/sdk/src/Passport.ts
Original file line number Diff line number Diff line change
Expand Up @@ -323,7 +323,7 @@ export class Passport {
* Returns the logout URL for the current user.
* @returns {Promise<string>} The logout URL
*/
public async getLogoutUrl(): Promise<string> {
public async getLogoutUrl(): Promise<string | null> {
return withMetricsAsync(async () => {
await this.authManager.removeUser();
await this.magicAdapter.logout();
Expand Down
46 changes: 42 additions & 4 deletions packages/passport/sdk/src/authManager.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ const clientId = '11111';
const redirectUri = 'https://test.com';
const popupRedirectUri = `${redirectUri}-popup`;
const logoutEndpoint = '/v2/logout';
const crossSdkBridgeLogoutEndpoint = '/im-logged-out';
const logoutRedirectUri = `${redirectUri}logout/callback`;

const getConfig = (values?: Partial<PassportModuleConfiguration>) => new PassportConfiguration({
Expand Down Expand Up @@ -108,7 +109,7 @@ describe('AuthManager', () => {
mockOverlayAppend = jest.fn();
mockOverlayRemove = jest.fn();
mockRevokeTokens = jest.fn();
(UserManager as jest.Mock).mockReturnValue({
(UserManager as jest.Mock).mockImplementation((config) => ({
signinPopup: mockSigninPopup,
signinCallback: mockSigninCallback,
signinRedirectCallback: mockSigninRedirectCallback,
Expand All @@ -118,7 +119,12 @@ describe('AuthManager', () => {
signinSilent: mockSigninSilent,
storeUser: mockStoreUser,
revokeTokens: mockRevokeTokens,
});
settings: {
metadata: {
end_session_endpoint: config.metadata?.end_session_endpoint,
},
},
}));
(Overlay as jest.Mock).mockReturnValue({
append: mockOverlayAppend,
remove: mockOverlayRemove,
Expand Down Expand Up @@ -718,7 +724,9 @@ describe('AuthManager', () => {

const am = new AuthManager(getConfig({ logoutRedirectUri }));
const result = await am.getLogoutUrl();
const uri = new URL(result);

expect(result).not.toBeNull();
const uri = new URL(result!);

expect(uri.hostname).toEqual(authenticationDomain);
expect(uri.pathname).toEqual(logoutEndpoint);
Expand All @@ -733,13 +741,43 @@ describe('AuthManager', () => {

const am = new AuthManager(getConfig());
const result = await am.getLogoutUrl();
const uri = new URL(result);

expect(result).not.toBeNull();
const uri = new URL(result!);

expect(uri.hostname).toEqual(authenticationDomain);
expect(uri.pathname).toEqual(logoutEndpoint);
expect(uri.searchParams.get('client_id')).toEqual(clientId);
});
});

describe('when crossSdkBridgeEnabled is true', () => {
it('should use the bridge logout endpoint path', async () => {
mockGetUser.mockReturnValue(mockOidcUser);

const am = new AuthManager(getConfig({ crossSdkBridgeEnabled: true, logoutRedirectUri }));
const result = await am.getLogoutUrl();

expect(result).not.toBeNull();
const uri = new URL(result!);

expect(uri.hostname).toEqual(authenticationDomain);
expect(uri.pathname).toEqual(crossSdkBridgeLogoutEndpoint);
expect(uri.searchParams.get('client_id')).toEqual(clientId);
expect(uri.searchParams.get('returnTo')).toEqual(logoutRedirectUri);
});
});
});

describe('when end_session_endpoint is not available', () => {
it('should return null', async () => {
const am = new AuthManager(getConfig());
// eslint-disable-next-line @typescript-eslint/dot-notation
am['userManager'].settings.metadata!.end_session_endpoint = undefined;

const result = await am.getLogoutUrl();
expect(result).toBeNull();
});
});
});

Expand Down
21 changes: 13 additions & 8 deletions packages/passport/sdk/src/authManager.ts
Original file line number Diff line number Diff line change
Expand Up @@ -38,8 +38,13 @@ const formUrlEncodedHeader = {
};

const logoutEndpoint = '/v2/logout';
const crossSdkBridgeLogoutEndpoint = '/im-logged-out';
const authorizeEndpoint = '/authorize';

const getLogoutEndpointPath = (crossSdkBridgeEnabled: boolean): string => (
crossSdkBridgeEnabled ? crossSdkBridgeLogoutEndpoint : logoutEndpoint
);

const getAuthConfiguration = (config: PassportConfiguration): UserManagerSettings => {
const { authenticationDomain, oidcConfiguration } = config;

Expand All @@ -53,7 +58,7 @@ const getAuthConfiguration = (config: PassportConfiguration): UserManagerSetting
}
const userStore = new WebStorageStateStore({ store });

const endSessionEndpoint = new URL(logoutEndpoint, authenticationDomain.replace(/^(?:https?:\/\/)?(.*)/, 'https://$1'));
const endSessionEndpoint = new URL(getLogoutEndpointPath(config.crossSdkBridgeEnabled), authenticationDomain.replace(/^(?:https?:\/\/)?(.*)/, 'https://$1'));
endSessionEndpoint.searchParams.set('client_id', oidcConfiguration.clientId);
if (oidcConfiguration.logoutRedirectUri) {
endSessionEndpoint.searchParams.set('returnTo', oidcConfiguration.logoutRedirectUri);
Expand Down Expand Up @@ -368,15 +373,15 @@ export default class AuthManager {
return this.userManager.removeUser();
}

public async getLogoutUrl(): Promise<string> {
const { authenticationDomain, oidcConfiguration } = this.config;

const endSessionEndpoint = new URL(logoutEndpoint, authenticationDomain);
endSessionEndpoint.searchParams.set('client_id', oidcConfiguration.clientId);
public async getLogoutUrl(): Promise<string | null> {
const endSessionEndpoint = this.userManager.settings?.metadata?.end_session_endpoint;

if (oidcConfiguration.logoutRedirectUri) endSessionEndpoint.searchParams.set('returnTo', oidcConfiguration.logoutRedirectUri);
if (!endSessionEndpoint) {
logger.warn('Failed to get logout URL');
return null;
}

return endSessionEndpoint.toString();
return endSessionEndpoint;
}

public forceUserRefreshInBackground() {
Expand Down