mirror of
https://github.com/GSA/notifications-admin.git
synced 2026-07-18 13:39:57 -04:00
fix logout
This commit is contained in:
@@ -6,24 +6,39 @@ from flask_login import current_user
|
||||
|
||||
from app.main import main
|
||||
|
||||
# ask login.gov if we really need manual logout and what's up with one hour sessions
|
||||
# ask login.gov how they recommend approaching dev environment
|
||||
# ask Tim Donaworth the same for #2
|
||||
|
||||
|
||||
|
||||
def _sign_out_at_login_dot_gov():
|
||||
# TODO this builds a url that will work correct if pasted into a browser, but returns a 404 if sent as a request
|
||||
base_url = "https://idp.int.identitysandbox.gov/openid_connect/logout?"
|
||||
client_id = f"client_id={os.getenv('LOGIN_DOT_GOV_CLIENT_ID')}"
|
||||
post_logout_redirect_uri = "post_logout_redirect_uri=http://localhost:6012/sign-in"
|
||||
post_logout_redirect_uri = "post_logout_redirect_uri=http://localhost:6012/sign-out"
|
||||
|
||||
url = f"{base_url}{client_id}&{post_logout_redirect_uri}"
|
||||
current_app.logger.info(f"url={url}")
|
||||
response = requests.post(url, headers={"User-Agent": "Custom"})
|
||||
|
||||
response = requests.post(url)
|
||||
|
||||
# response = requests.post(url)
|
||||
current_app.logger.info(f"login.gov response: {response.text}")
|
||||
|
||||
|
||||
@main.route("/sign-out", methods=(["GET", "POST"]))
|
||||
def sign_out():
|
||||
# An AnonymousUser does not have an id
|
||||
current_app.logger.info("HIT THE REGULAR SIGN OUT")
|
||||
if current_user.is_authenticated:
|
||||
# TODO This doesn't work yet, due to problems above.
|
||||
_sign_out_at_login_dot_gov()
|
||||
current_user.sign_out()
|
||||
|
||||
return redirect("https://idp.int.identitysandbox.gov/openid_connect/logout?client_id=urn:gov:gsa:openidconnect.profiles:sp:sso:gsa:test_notify_gov&post_logout_redirect_uri=http://localhost:6012/sign-out")
|
||||
return redirect(url_for("main.index"))
|
||||
|
||||
|
||||
@main.route("/sign-out-at-login-gov", methods=(["POST"]))
|
||||
def sign_out_at_login_gov():
|
||||
current_app.logger.info("SHOULD BE REDIRECTING TO LOGIN GOV")
|
||||
return redirect("https://idp.int.identitysandbox.gov/openid_connect/logout?client_id=urn:gov:gsa:openidconnect.profiles:sp:sso:gsa:test_notify_gov&post_logout_redirect_uri=http://localhost:6012/sign-out")
|
||||
|
||||
Reference in New Issue
Block a user