From 63a875bd5bea985e7defca5de5584354cb93258e Mon Sep 17 00:00:00 2001
From: Lebaud Antoine
Date: Wed, 10 Apr 2024 00:18:17 +0200
Subject: [PATCH] =?UTF-8?q?=E2=99=BB=EF=B8=8F(frontend)=20redirect=20the?= =?UTF-8?q?=20user=20agent=20to=20the=20logout=20endpoint?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Recent updates in the backend views now requires the user agent to be redirected to the logout endpoint. The logout endpoint should initiate the logout flow with the OIDC provider, by redirecting the user to the OIDC provider domain. Thus, OIDC provider session cookie should be cleared. E2E tests should be improved later on, when the CI and the development env use Agent Connect integration environment. The current logout is not working with the Keycloack configuration.
---
 .../desk/src/api/__tests__/fetchApi.test.tsx | 18 +++++-------------
 .../apps/desk/src/core/auth/api/index.ts | 1 -
 .../apps/desk/src/core/auth/api/logout.ts | 8 --------
 .../apps/desk/src/core/auth/useAuthStore.tsx | 8 ++++----
 .../apps/e2e/__tests__/app-desk/header.spec.ts | 2 --
 5 files changed, 9 insertions(+), 28 deletions(-)
 delete mode 100644 src/frontend/apps/desk/src/core/auth/api/logout.ts
diff --git a/src/frontend/apps/desk/src/api/__tests__/fetchApi.test.tsx b/src/frontend/apps/desk/src/api/__tests__/fetchApi.test.tsx
index cd20fb8..1be911b 100644
--- a/src/frontend/apps/desk/src/api/__tests__/fetchApi.test.tsx
+++ b/src/frontend/apps/desk/src/api/__tests__/fetchApi.test.tsx
@@ -34,22 +34,14 @@ describe('fetchAPI', () => { }); it('logout if 401 response', async () => { - useAuthStore.setState({ - authenticated: true, - userData: { id: '123', email: 'test@test.com' }, - }); + const logoutMock = jest.fn(); + jest + .spyOn(useAuthStore.getState(), 'logout') + .mockImplementation(logoutMock); fetchMock.mock('http://some.api.url/api/v1.0/some/url', 401); - fetchMock.mock('http://some.api.url/api/v1.0/logout/', 302); - await fetchAPI('some/url'); - await Promise.all([fetchMock.flush()]); - - expect(fetchMock.lastUrl()).toEqual('http://some.api.url/api/v1.0/logout/'); - - const { userData, authenticated } = useAuthStore.getState(); - expect(userData).toBeUndefined(); - expect(authenticated).toBeFalsy(); + expect(logoutMock).toHaveBeenCalled(); }); });
diff --git a/src/frontend/apps/desk/src/core/auth/api/index.ts b/src/frontend/apps/desk/src/core/auth/api/index.ts
index 45350f2..e7086fe 100644
--- a/src/frontend/apps/desk/src/core/auth/api/index.ts
+++ b/src/frontend/apps/desk/src/core/auth/api/index.ts
@@ -1,3 +1,2 @@
 export * from './types';
 export * from './getMe';
-export * from './logout';
diff --git a/src/frontend/apps/desk/src/core/auth/api/logout.ts b/src/frontend/apps/desk/src/core/auth/api/logout.ts
deleted file mode 100644
index 31bbea7..0000000
--- a/src/frontend/apps/desk/src/core/auth/api/logout.ts
+++ /dev/null
@@ -1,8 +0,0 @@
-import { fetchAPI } from '@/api';
-
-export const logout = async () => {
- await fetchAPI(`logout/`, {
- method: 'POST',
- redirect: 'manual',
- });
-};
diff --git a/src/frontend/apps/desk/src/core/auth/useAuthStore.tsx b/src/frontend/apps/desk/src/core/auth/useAuthStore.tsx
index 6b430e1..27174db 100644
--- a/src/frontend/apps/desk/src/core/auth/useAuthStore.tsx
+++ b/src/frontend/apps/desk/src/core/auth/useAuthStore.tsx
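Review bot: In `fetchApi.test.tsx`, the rewritten 'logout if 401 response' test ends at `expect(logoutMock).toHaveBeenCalled()`, so no test visible in this patch checks which URL `logout` sends the browser to; the removed `fetchMock.lastUrl()` assertion on `.../logout/` was the only check of that target. A small test for the store's `logout` that stubs `window.location.replace` and asserts the resolved `logout/` URL would catch a mis-set `NEXT_PUBLIC_API_URL` before it leaves a user with a live session. The spy created by `jest.spyOn(useAuthStore.getState(), 'logout')` is also not restored in the lines shown; unless a restore hook exists outside the hunk, keep the spy handle and call `mockRestore()` at the end of the test. The `describe` block starts outside the hunk.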
@@ -1,6 +1,6 @@ import { create } from 'zustand'; -import { User, getMe, logout } from './api'; +import { User, getMe } from './api'; export const login = () => { window.location.replace(
@@ -34,8 +34,8 @@ export const useAuthStore = create((set) => ({
 });
 },
 logout: () => {
- void logout().then(() => {
- set(initialState);
- });
+ window.location.replace(
+ new URL('logout/', process.env.NEXT_PUBLIC_API_URL).href,
+ );
 },
 }));
diff --git a/src/frontend/apps/e2e/__tests__/app-desk/header.spec.ts b/src/frontend/apps/e2e/__tests__/app-desk/header.spec.ts
index c6b5dfd..ccb851a 100644
--- a/src/frontend/apps/e2e/__tests__/app-desk/header.spec.ts
+++ b/src/frontend/apps/e2e/__tests__/app-desk/header.spec.ts
@@ -50,8 +50,6 @@ test.describe('Header', () => { }) .click(); - // FIXME - assert the session has been killed in Keycloak - await expect(page.getByRole('button', { name: 'Sign in' })).toBeVisible(); });
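Review bot: In `useAuthStore.tsx`, the new `logout` builds its target with `new URL('logout/', process.env.NEXT_PUBLIC_API_URL)`, which resolves to the wrong path when the base has no trailing slash and throws when the variable is unset. In either case the user asks to log out while the backend and OIDC sessions stay alive. A comment above the call such as `// NEXT_PUBLIC_API_URL must end with '/', otherwise new URL() drops its last path segment` would document the requirement, and a startup check would make a bad value fail early. Because the endpoint is now reached by a plain GET navigation instead of the removed `POST`, it is also worth confirming that the backend view, which is not shown here, handles cross-site requests to `logout/` as intended. The `create(...)` call that contains `logout` starts outside the hunk.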