From fee32a4e305012eeafa73a2435a10c47c824c250 Mon Sep 17 00:00:00 2001
From: Josue Kouka <jkouka@entrouvert.com>
Date: Thu, 19 Oct 2017 17:57:02 +0200
Subject: [PATCH] log out from local app when slo idp initiated (#19574)

---
 mandayejs/mandaye/utils.py |  9 ++++++++-
 mandayejs/mandaye/views.py | 15 ++++++++++-----
 mandayejs/settings.py      |  3 +++
 3 files changed, 21 insertions(+), 6 deletions(-)

diff --git a/mandayejs/mandaye/utils.py b/mandayejs/mandaye/utils.py
index ec87a58..3b0d345 100644
--- a/mandayejs/mandaye/utils.py
+++ b/mandayejs/mandaye/utils.py
@@ -19,8 +19,10 @@ import json
 import subprocess
 import logging
 import multiprocessing
+import urlparse
 
 from django.conf import settings
+from django.shortcuts import resolve_url
 
 from Cookie import SimpleCookie
 
@@ -95,7 +97,12 @@ def get_logout_info(request):
 
     data = {}
     data['logout_locator'] = getattr(app_settings, 'SITE_LOGOUT_LOCATOR')
-    data['address'] = request.META.get('HTTP_REFERER')
+    data['address'] = request.build_absolute_uri(resolve_url('home'))
+    forced_logout_scheme = getattr(settings, 'PHANTOM_JS_LOGOUT_SCHEME')
+    if forced_logout_scheme:
+        url = urlparse.urlparse(data['address'])
+        url = url._replace(scheme=forced_logout_scheme)
+        data['address'] = url.geturl()
     cookies = SimpleCookie(request.META.get('HTTP_COOKIE'))
     domain = request.META.get('SERVER_NAME')
 
diff --git a/mandayejs/mandaye/views.py b/mandayejs/mandaye/views.py
index 6cc1550..f5bc1a3 100644
--- a/mandayejs/mandaye/views.py
+++ b/mandayejs/mandaye/views.py
@@ -21,7 +21,9 @@ from urlparse import urlparse
 
 from django.contrib.auth.models import User
 from django.contrib.auth.decorators import login_required
+from django.contrib.auth.signals import user_logged_out
 from django.contrib import messages
+from django.dispatch import receiver
 from django.http import HttpResponseRedirect, HttpResponse
 from django.shortcuts import render, resolve_url
 from django.template import RequestContext
@@ -50,11 +52,6 @@ def home(request):
 
 def logout(request, *args, **kwargs):
     logger.debug("running slo")
-    data = get_logout_info(request)
-    logger.debug(data)
-    logger.debug("running phantomjs logout")
-    result = exec_phantom(data, script='do_logout.js')
-    logger.debug(result)
     response = mellon_logout(request, *args, **kwargs)
     logger.debug("deleting cookies")
     for cookie in app_settings.SITE_AUTH_COOKIE_KEYS:
@@ -64,6 +61,14 @@ def logout(request, *args, **kwargs):
     return response
 
 
+@receiver(user_logged_out)
+def local_logout(sender, request, user, **kwargs):
+    data = get_logout_info(request)
+    logger.debug(data)
+    result = exec_phantom(data, script='do_logout.js')
+    logger.debug(result)
+
+
 class Panel(TemplateView):
     template_name = 'mandaye/panel.html'
 
diff --git a/mandayejs/settings.py b/mandayejs/settings.py
index 4783c99..33712c4 100644
--- a/mandayejs/settings.py
+++ b/mandayejs/settings.py
@@ -167,6 +167,9 @@ PHANTOM_JS_BINARY = '/usr/bin/phantomjs'
 # Default timeout before killing Phantomjs process
 PHANTOM_JS_TIMEOUT = 10
 
+# Scheme to use for phantomjs logout
+PHANTOM_JS_LOGOUT_SCHEME = None  # Default is request scheme
+
 JSONFIELD_ENCODER_CLASS = 'django.core.serializers.json.DjangoJSONEncoder'
 
 local_settings_file = os.environ.get('MANDAYEJS_SETTINGS_FILE',
-- 
2.11.0