From e55a9273bfda358c1eb680f29937c334cd6d5f3d Mon Sep 17 00:00:00 2001
From: Kenneth Kehl <@kkehl@flexion.us>
Date: Wed, 22 Nov 2023 08:28:07 -0800
Subject: [PATCH] code review feedback

---
 app/main/views/sign_out.py | 6 ++++--
 sample.env                 | 4 +++-
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/app/main/views/sign_out.py b/app/main/views/sign_out.py
index e54bb018d..8e4296af7 100644
--- a/app/main/views/sign_out.py
+++ b/app/main/views/sign_out.py
@@ -12,9 +12,11 @@ from app.main import main
 
 
 def _sign_out_at_login_dot_gov():
-    base_url = "https://idp.int.identitysandbox.gov/openid_connect/logout?"
+    base_url = os.getenv("LOGIN_DOT_GOV_BASE_LOGOUT_URL")
     client_id = f"client_id={os.getenv('LOGIN_DOT_GOV_CLIENT_ID')}"
-    post_logout_redirect_uri = "post_logout_redirect_uri=http://localhost:6012/sign-out"
+    post_logout_redirect_uri = (
+        f"post_logout_redirect_uri={os.getenv('LOGIN_DOT_GOV_SIGNOUT_REDIRECT')}"
+    )
 
     url = f"{base_url}{client_id}&{post_logout_redirect_uri}"
     current_app.logger.info(f"url={url}")
diff --git a/sample.env b/sample.env
index 7f4fb6791..8b497b9af 100644
--- a/sample.env
+++ b/sample.env
@@ -47,4 +47,6 @@ NR_BROWSER_KEY="don't write secrets to the sample file"
 LOGIN_DOT_GOV_CLIENT_ID="urn:gov:gsa:openidconnect.profiles:sp:sso:gsa:test_notify_gov"
 LOGIN_DOT_GOV_USER_INFO_URL="https://idp.int.identitysandbox.gov/api/openid_connect/userinfo"
 LOGIN_DOT_GOV_ACCESS_TOKEN_URL="https://idp.int.identitysandbox.gov/api/openid_connect/token"
-LOGIN_DOT_GOV_LOGOUT_URL="https://idp.int.identitysandbox.gov/openid_connect/logout?client_id=urn:gov:gsa:openidconnect.profiles:sp:sso:gsa:test_notify_gov&post_logout_redirect_uri=http://localhost:6012/sign-out"
\ No newline at end of file
+LOGIN_DOT_GOV_LOGOUT_URL="https://idp.int.identitysandbox.gov/openid_connect/logout?client_id=urn:gov:gsa:openidconnect.profiles:sp:sso:gsa:test_notify_gov&post_logout_redirect_uri=http://localhost:6012/sign-out"
+LOGIN_DOT_GOV_BASE_LOGOUT_URL="https://idp.int.identitysandbox.gov/openid_connect/logout?"
+LOGIN_DOT_GOV_SIGNOUT_REDIRECT="http://localhost:6012/sign-out"
\ No newline at end of file