fix logout

This commit is contained in:
Kenneth Kehl
2023-11-14 07:11:40 -08:00
parent bda164f2a1
commit bc3928cb0f

View File

@@ -6,24 +6,39 @@ from flask_login import current_user
from app.main import main
# ask login.gov if we really need manual logout and what's up with one hour sessions
# ask login.gov how they recommend approaching dev environment
# ask Tim Donaworth the same for #2
def _sign_out_at_login_dot_gov():
# TODO this builds a url that will work correct if pasted into a browser, but returns a 404 if sent as a request
base_url = "https://idp.int.identitysandbox.gov/openid_connect/logout?"
client_id = f"client_id={os.getenv('LOGIN_DOT_GOV_CLIENT_ID')}"
post_logout_redirect_uri = "post_logout_redirect_uri=http://localhost:6012/sign-in"
post_logout_redirect_uri = "post_logout_redirect_uri=http://localhost:6012/sign-out"
url = f"{base_url}{client_id}&{post_logout_redirect_uri}"
current_app.logger.info(f"url={url}")
response = requests.post(url, headers={"User-Agent": "Custom"})
response = requests.post(url)
# response = requests.post(url)
current_app.logger.info(f"login.gov response: {response.text}")
@main.route("/sign-out", methods=(["GET", "POST"]))
def sign_out():
# An AnonymousUser does not have an id
current_app.logger.info("HIT THE REGULAR SIGN OUT")
if current_user.is_authenticated:
# TODO This doesn't work yet, due to problems above.
_sign_out_at_login_dot_gov()
current_user.sign_out()
return redirect("https://idp.int.identitysandbox.gov/openid_connect/logout?client_id=urn:gov:gsa:openidconnect.profiles:sp:sso:gsa:test_notify_gov&post_logout_redirect_uri=http://localhost:6012/sign-out")
return redirect(url_for("main.index"))
@main.route("/sign-out-at-login-gov", methods=(["POST"]))
def sign_out_at_login_gov():
current_app.logger.info("SHOULD BE REDIRECTING TO LOGIN GOV")
return redirect("https://idp.int.identitysandbox.gov/openid_connect/logout?client_id=urn:gov:gsa:openidconnect.profiles:sp:sso:gsa:test_notify_gov&post_logout_redirect_uri=http://localhost:6012/sign-out")