0001-implement-FranceConnect-logout-25696.patch
tests/test_fc_auth.py | ||
---|---|---|
168 | 168 |
assert session.extra_user_variables['fc_sub'] == 'ymca' |
169 | 169 | |
170 | 170 |
resp = app.get('/logout') |
171 |
assert resp.location.endswith('/ident/fc/logout') |
|
172 |
resp = resp.follow() |
|
173 |
assert resp.location == 'https://fcp.integ01.dev-franceconnect.fr/api/v1/logout?post_logout_redirect_uri=http%3A%2F%2Fexample.net' |
|
174 |
assert not get_session(app) |
|
171 | 175 | |
172 | 176 |
# Test error handling path |
173 | 177 |
resp = app.get('/ident/fc/callback?%s' % urllib.urlencode({ |
wcs/qommon/ident/franceconnect.py | ||
---|---|---|
100 | 100 | |
101 | 101 | |
102 | 102 |
class MethodDirectory(Directory): |
103 |
_q_exports = ['login', 'callback'] |
|
103 |
_q_exports = ['login', 'logout', 'callback']
|
|
104 | 104 | |
105 | 105 |
def login(self): |
106 | 106 |
return FCAuthMethod().login() |
107 | 107 | |
108 |
def logout(self): |
|
109 |
return FCAuthMethod().logout() |
|
110 | ||
108 | 111 |
def callback(self): |
109 | 112 |
return FCAuthMethod().callback() |
110 | 113 | |
... | ... | |
222 | 225 |
r += _('Callback URL is %s.') % fc_callback |
223 | 226 |
r += htmltext('</p>') |
224 | 227 |
r += htmltext('<p>') |
228 |
r += _('Logout callback URL is %s.') % get_publisher().get_frontoffice_url() |
|
229 |
r += htmltext('</p>') |
|
230 |
r += htmltext('<p>') |
|
225 | 231 |
r += htmltext(_('See <a href="https://franceconnect.gouv.fr/fournisseur-service">' |
226 | 232 |
'FranceConnect partners\'site</a> for getting a client_id and ' |
227 | 233 |
'a client_secret.')) |
... | ... | |
463 | 469 |
session.set_user(user.id) |
464 | 470 |
session.extra_user_variables = session_var_fc_user |
465 | 471 |
return redirect(next_url) |
472 | ||
473 |
def logout(self): |
|
474 |
logout_url = self.get_logout_url() |
|
475 |
post_logout_redirect_uri = get_publisher().get_frontoffice_url() |
|
476 |
logout_url += '?' + urllib.urlencode({ |
|
477 |
'post_logout_redirect_uri': post_logout_redirect_uri, |
|
478 |
}) |
|
479 |
return redirect(logout_url) |
wcs/root.py | ||
---|---|---|
264 | 264 |
if not session: |
265 | 265 |
return redirect(get_publisher().get_root_url()) |
266 | 266 |
ident_methods = get_cfg('identification', {}).get('methods', []) |
267 | ||
268 |
if session.extra_user_variables and 'fc_sub' in session.extra_user_variables: |
|
269 |
get_session_manager().expire_session() |
|
270 |
return redirect(get_publisher().get_root_url() + 'ident/fc/logout') |
|
271 | ||
267 | 272 |
if not 'idp' in ident_methods: |
268 | 273 |
get_session_manager().expire_session() |
269 | 274 |
return redirect(get_publisher().get_root_url()) |
270 |
- |