Added auth strategy logout url.

This commit is contained in:
Ylian Saint-Hilaire 2021-10-16 23:55:34 -07:00
parent cce929eed1
commit a99790c7ec
2 changed files with 30 additions and 8 deletions

View File

@ -740,7 +740,8 @@
"newAccounts": { "type": "boolean", "default": false }, "newAccounts": { "type": "boolean", "default": false },
"newAccountsUserGroups": { "type": "array", "uniqueItems": true, "items": { "type": "string" } }, "newAccountsUserGroups": { "type": "array", "uniqueItems": true, "items": { "type": "string" } },
"clientid": { "type": "string" }, "clientid": { "type": "string" },
"clientsecret": { "type": "string" } "clientsecret": { "type": "string" },
"logouturl": {"type": "string", "format": "uri", "description": "Then set, the user will be redirected to this URL when hitting the logout link."}
}, },
"required": [ "clientid", "clientsecret" ] "required": [ "clientid", "clientsecret" ]
}, },
@ -751,7 +752,8 @@
"newAccounts": { "type": "boolean", "default": false }, "newAccounts": { "type": "boolean", "default": false },
"newAccountsUserGroups": { "type": "array", "uniqueItems": true, "items": { "type": "string" } }, "newAccountsUserGroups": { "type": "array", "uniqueItems": true, "items": { "type": "string" } },
"clientid": { "type": "string" }, "clientid": { "type": "string" },
"clientsecret": { "type": "string" } "clientsecret": { "type": "string" },
"logouturl": {"type": "string", "format": "uri", "description": "Then set, the user will be redirected to this URL when hitting the logout link."}
}, },
"required": [ "clientid", "clientsecret" ] "required": [ "clientid", "clientsecret" ]
}, },
@ -762,7 +764,8 @@
"newAccounts": { "type": "boolean", "default": false }, "newAccounts": { "type": "boolean", "default": false },
"newAccountsUserGroups": { "type": "array", "uniqueItems": true, "items": { "type": "string" } }, "newAccountsUserGroups": { "type": "array", "uniqueItems": true, "items": { "type": "string" } },
"clientid": { "type": "string" }, "clientid": { "type": "string" },
"clientsecret": { "type": "string" } "clientsecret": { "type": "string" },
"logouturl": {"type": "string", "format": "uri", "description": "Then set, the user will be redirected to this URL when hitting the logout link."}
}, },
"required": [ "clientid", "clientsecret" ] "required": [ "clientid", "clientsecret" ]
}, },
@ -773,7 +776,8 @@
"newAccounts": { "type": "boolean", "default": false }, "newAccounts": { "type": "boolean", "default": false },
"newAccountsUserGroups": { "type": "array", "uniqueItems": true, "items": { "type": "string" } }, "newAccountsUserGroups": { "type": "array", "uniqueItems": true, "items": { "type": "string" } },
"clientid": { "type": "string" }, "clientid": { "type": "string" },
"clientsecret": { "type": "string" } "clientsecret": { "type": "string" },
"logouturl": {"type": "string", "format": "uri", "description": "Then set, the user will be redirected to this URL when hitting the logout link."}
}, },
"required": [ "clientid", "clientsecret" ] "required": [ "clientid", "clientsecret" ]
}, },
@ -785,7 +789,8 @@
"newAccountsUserGroups": { "type": "array", "uniqueItems": true, "items": { "type": "string" } }, "newAccountsUserGroups": { "type": "array", "uniqueItems": true, "items": { "type": "string" } },
"clientid": { "type": "string" }, "clientid": { "type": "string" },
"clientsecret": { "type": "string" }, "clientsecret": { "type": "string" },
"tenantid": { "type": "string" } "tenantid": { "type": "string" },
"logouturl": {"type": "string", "format": "uri", "description": "Then set, the user will be redirected to this URL when hitting the logout link."}
}, },
"required": [ "clientid", "clientsecret", "tenantid" ] "required": [ "clientid", "clientsecret", "tenantid" ]
}, },
@ -797,7 +802,8 @@
"newAccountsUserGroups": { "type": "array", "uniqueItems": true, "items": { "type": "string" } }, "newAccountsUserGroups": { "type": "array", "uniqueItems": true, "items": { "type": "string" } },
"entityid": { "type": "string" }, "entityid": { "type": "string" },
"idpurl": { "type": "string", "format": "uri" }, "idpurl": { "type": "string", "format": "uri" },
"cert": { "type": "string" } "cert": { "type": "string" },
"logouturl": {"type": "string", "format": "uri", "description": "Then set, the user will be redirected to this URL when hitting the logout link."}
}, },
"required": [ "entityid", "idpurl", "cert" ] "required": [ "entityid", "idpurl", "cert" ]
}, },
@ -811,7 +817,8 @@
"newAccountsRights": { "type": "array", "uniqueItems": true, "items": { "type": "string" } }, "newAccountsRights": { "type": "array", "uniqueItems": true, "items": { "type": "string" } },
"entityid": { "type": "string" }, "entityid": { "type": "string" },
"idpurl": { "type": "string", "format": "uri" }, "idpurl": { "type": "string", "format": "uri" },
"cert": { "type": "string" } "cert": { "type": "string" },
"logouturl": {"type": "string", "format": "uri", "description": "Then set, the user will be redirected to this URL when hitting the logout link."}
}, },
"required": [ "entityid", "idpurl", "cert" ] "required": [ "entityid", "idpurl", "cert" ]
} }

View File

@ -764,13 +764,28 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
res.set({ 'Cache-Control': 'no-store' }); res.set({ 'Cache-Control': 'no-store' });
// Destroy the user's session to log them out will be re-created next request // Destroy the user's session to log them out will be re-created next request
var userid = req.session.userid;
if (req.session.userid) { if (req.session.userid) {
var user = obj.users[req.session.userid]; var user = obj.users[req.session.userid];
if (user != null) { obj.parent.DispatchEvent(['*'], obj, { etype: 'user', userid: user._id, username: user.name, action: 'logout', msgid: 2, msg: 'Account logout', domain: domain.id }); } if (user != null) { obj.parent.DispatchEvent(['*'], obj, { etype: 'user', userid: user._id, username: user.name, action: 'logout', msgid: 2, msg: 'Account logout', domain: domain.id }); }
} }
req.session = null; req.session = null;
if (req.query.key != null) { res.redirect(domain.url + '?key=' + req.query.key); } else { res.redirect(domain.url); }
parent.debug('web', 'handleLogoutRequest: success.'); parent.debug('web', 'handleLogoutRequest: success.');
// If this user was logged in using an authentication strategy and there is a logout URL, use it.
if ((userid != null) && (domain.authstrategies != null)) {
const u = userid.split('/')[2];
if (u.startsWith('~twitter:') && (domain.authstrategies.twitter != null) && (typeof domain.authstrategies.twitter.logouturl == 'string')) { res.redirect(domain.authstrategies.twitter.logouturl); return; }
if (u.startsWith('~google:') && (domain.authstrategies.google != null) && (typeof domain.authstrategies.google.logouturl == 'string')) { res.redirect(domain.authstrategies.google.logouturl); return; }
if (u.startsWith('~github:') && (domain.authstrategies.github != null) && (typeof domain.authstrategies.github.logouturl == 'string')) { res.redirect(domain.authstrategies.github.logouturl); return; }
if (u.startsWith('~reddit:') && (domain.authstrategies.reddit != null) && (typeof domain.authstrategies.reddit.logouturl == 'string')) { res.redirect(domain.authstrategies.reddit.logouturl); return; }
if (u.startsWith('~azure:') && (domain.authstrategies.azure != null) && (typeof domain.authstrategies.azure.logouturl == 'string')) { res.redirect(domain.authstrategies.azure.logouturl); return; }
if (u.startsWith('~jumpcloud:') && (domain.authstrategies.jumpcloud != null) && (typeof domain.authstrategies.jumpcloud.logouturl == 'string')) { res.redirect(domain.authstrategies.jumpcloud.logouturl); return; }
if (u.startsWith('~saml:') && (domain.authstrategies.saml != null) && (typeof domain.authstrategies.saml.logouturl == 'string')) { res.redirect(domain.authstrategies.saml.logouturl); return; }
}
// This is the default logout redirect to the login page
if (req.query.key != null) { res.redirect(domain.url + '?key=' + req.query.key); } else { res.redirect(domain.url); }
} }
// Return true if this user has 2-step auth active // Return true if this user has 2-step auth active