From b19af1084749f7d4d1b77ce8a383c1072be3f8ae Mon Sep 17 00:00:00 2001
From: Dinuka De Silva
Date: Mon, 20 Jul 2020 15:07:10 +0530
Subject: [PATCH 1/3] Adding tabulation logout endpoint
---
 routes/auth.js | 43 ++++++++++++++++++++++++++++++++++++-------
 1 file changed, 36 insertions(+), 7 deletions(-)
diff --git a/routes/auth.js b/routes/auth.js
index b10ed72..3113a2b 100644
--- a/routes/auth.js
+++ b/routes/auth.js
@@ -117,7 +117,7 @@ const getUserInfo = async (tocken) => {
 const tabulationConfig = {
 serverRedirectUri: 'http://localhost:3001/tabulation/auth/callback',
- clientRedirectUri: 'http://localhost:3000/auth',
+ clientRedirectUri: 'http://localhost:3000',
 isBaseUrl: 'https://apim-gateway.ecdev.opensource.lk/',
 }
@@ -132,9 +132,7 @@ const tabulationCredentials = {
 // Initialize the OAuth2 Library
 const tabulationOauth2 = require('simple-oauth2').create(tabulationCredentials);
-
-/* GET users listing. */
-router.get('/tabulation/signin', function (req, res, next) {
+const getTabulationAuthorizationUrl = function () {
 const authorizationUri = tabulationOauth2.authorizationCode.authorizeURL({
 redirect_uri: tabulationConfig.serverRedirectUri, //process.env.host +
 scope: 'openid' +
@@ -150,7 +148,12 @@ router.get('/tabulation/signin', function (req, res, next) {
 state: ''
 });
- res.redirect(authorizationUri);
+ return authorizationUri;
+};
+
+/* GET users listing. */
+router.get('/tabulation/signin', function (req, res, next) {
+ res.redirect(getTabulationAuthorizationUrl());
 });
 router.get('/tabulation/auth/callback', async function (req, res, next) {
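Review bot: getTabulationAuthorizationUrl, introduced across the -132 and -150 hunks, still sends `state: ''`, so every authorization request built by the new helper (used by the signin route here, and by the signout route later in this patch) carries no binding between the browser session and the callback, which is what the OAuth `state` parameter exists to provide. Generate an unguessable per-request value such as `crypto.randomBytes(16).toString('hex')`, keep it in a server-side session or a short-lived cookie, and compare it with the `state` returned to /tabulation/auth/callback before exchanging the code; the part of that handler visible in the -191 hunk shows no such check. The `/* GET users listing. */` comment re-attached to the signin route is left over from the express-generator template and no longer describes the route; `/* GET: send the browser to the tabulation authorization endpoint. */` does.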
@@ -191,7 +194,7 @@ router.get('/tabulation/auth/callback', async function (req, res, next) {
 res.cookie('tabulation_access_token',accessToken['token']['access_token'], { maxAge: 900000, httpOnly: false });
 res.cookie('tabulation_id_token',accessToken['token']['id_token'], { maxAge: 900000, httpOnly: false });
 res.cookie('userinfo',JSON.stringify(userInfo), { maxAge: 900000, httpOnly: false });
- res.redirect( tabulationConfig.clientRedirectUri);
+ res.redirect(tabulationConfig.clientRedirectUri);
 }).catch(function(error){
 console.log(error);
 res.send();
@@ -213,7 +216,33 @@ const getTabulationUserInfo = async (tocken) => {
 } catch (error) {
 console.error(error)
 }
-}
+};
+
+const revocTocken = async (tocken) => {
+ try {
+ const instance = axios.create({
+ baseURL: tabulationConfig.isBaseUrl
+ });
+ instance.defaults.headers.common['Authorization'] = 'Basic '+tabulationCredentials.client.id + ':' + tabulationCredentials.client.secret;
+ instance.defaults.headers.post['token'] =tocken;
+ instance.defaults.headers.post['Content-Type'] ='application/x-www-form-urlencoded';
+ const res = await instance.post('oauth2/revoke');
+ return res.data;
+ } catch (error) {
+ console.error(error)
+ }
+};
+
+router.get('/tabulation/signout',async function (req, res, next) {
+ console.log("Logout");
+ // At request level
+ await revocTocken(req.cookies['tabulation_access_token']);
+
+ res.clearCookie('tabulation_access_token');
+ res.clearCookie('tabulation_id_token');
+ res.clearCookie('userinfo');
+ res.redirect(getTabulationAuthorizationUrl());
+});
 module.exports = router;
From a6543e72dc312a040d7a8378443f158e3810d854 Mon Sep 17 00:00:00 2001
From: Dinuka De Silva
Date: Mon, 20 Jul 2020 16:54:07 +0530
Subject: [PATCH 2/3] Refactoring
---
 routes/auth.js | 63 +++++++++++++++++++++++++------------------------
 1 file changed, 31 insertions(+), 32 deletions(-)
diff --git a/routes/auth.js b/routes/auth.js
index 3113a2b..5a11128 100644
--- a/routes/auth.js
+++ b/routes/auth.js
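Review bot: In revocTocken (the -213 hunk) the `Authorization` header is `'Basic ' + id + ':' + secret` with no base64 encoding, which is not a valid Basic credential, and the token is placed in a request header named `token` while `instance.post('oauth2/revoke')` is sent with no body at all, although the `application/x-www-form-urlencoded` content type (and the revocation endpoint it targets) expects `token` as a form field. Both mistakes make the revocation call fail, and because the catch only logs, the signout route then clears the cookies as though the token had been revoked. The same body is carried over unchanged into revokeTabulationToken in patch 2's -151 hunk, so the fix applies there too. The rewritten request is below.
```javascript
const revocTocken = async (tocken) => {
  // … unchanged: try / axios.create …
    // Basic credentials are base64("id:secret"), never the raw pair
    const basic = Buffer.from(`${tabulationCredentials.client.id}:${tabulationCredentials.client.secret}`).toString('base64');
    instance.defaults.headers.common['Authorization'] = `Basic ${basic}`;
    // the token to revoke goes in the form-encoded body, not a header
    const body = new URLSearchParams({ token: tocken }).toString();
    const res = await instance.post('oauth2/revoke', body, {
      headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
    });
    return res.data;
  // … unchanged: catch block …
```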
@@ -132,7 +132,7 @@ const tabulationCredentials = {
 // Initialize the OAuth2 Library
 const tabulationOauth2 = require('simple-oauth2').create(tabulationCredentials);
-const getTabulationAuthorizationUrl = function () {
+function getTabulationAuthorizationUrl() {
 const authorizationUri = tabulationOauth2.authorizationCode.authorizeURL({
 redirect_uri: tabulationConfig.serverRedirectUri, //process.env.host +
 scope: 'openid' +
@@ -151,7 +151,34 @@ const getTabulationAuthorizationUrl = function () {
 return authorizationUri;
 };
-/* GET users listing. */
+async function getTabulationUserInfo(tocken) {
+ try {
+ const instance = axios.create({
+ baseURL: tabulationConfig.isBaseUrl
+ });
+ instance.defaults.headers.common['Authorization'] = 'Bearer '+tocken
+ const res = await instance.get('/userinfo?schema=openid');
+ return res.data;
+ } catch (error) {
+ console.error(error)
+ }
+}
+
+async function revokeTabulationToken(tocken) {
+ try {
+ const instance = axios.create({
+ baseURL: tabulationConfig.isBaseUrl
+ });
+ instance.defaults.headers.common['Authorization'] = 'Basic '+tabulationCredentials.client.id + ':' + tabulationCredentials.client.secret;
+ instance.defaults.headers.post['token'] =tocken;
+ instance.defaults.headers.post['Content-Type'] ='application/x-www-form-urlencoded';
+ const res = await instance.post('oauth2/revoke');
+ return res.data;
+ } catch (error) {
+ console.error(error)
+ }
+}
+
 router.get('/tabulation/signin', function (req, res, next) {
 res.redirect(getTabulationAuthorizationUrl());
 });
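Review bot: Turning `const getTabulationAuthorizationUrl = function () {` into a declaration leaves the closing `};` shown as context in the -151 hunk as a function declaration followed by an empty statement; it should become a bare `}`. Both helpers added in that hunk catch every error, log it and fall through to return `undefined`, so a caller such as the signout route cannot tell a failed revocation or userinfo fetch from a successful one; either rethrow after logging, or return an explicit failure value and have the caller act on it. The `'Bearer '+tocken` line in getTabulationUserInfo also lacks its terminating semicolon, unlike the lines around it.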
@@ -205,38 +232,10 @@ router.get('/tabulation/auth/callback', async function (req, res, next) {
 }
 });
-const getTabulationUserInfo = async (tocken) => {
- try {
- const instance = axios.create({
- baseURL: tabulationConfig.isBaseUrl
- });
- instance.defaults.headers.common['Authorization'] = 'Bearer '+tocken
- const res = await instance.get('/userinfo?schema=openid');
- return res.data;
- } catch (error) {
- console.error(error)
- }
-};
-
-const revocTocken = async (tocken) => {
- try {
- const instance = axios.create({
- baseURL: tabulationConfig.isBaseUrl
- });
- instance.defaults.headers.common['Authorization'] = 'Basic '+tabulationCredentials.client.id + ':' + tabulationCredentials.client.secret;
- instance.defaults.headers.post['token'] =tocken;
- instance.defaults.headers.post['Content-Type'] ='application/x-www-form-urlencoded';
- const res = await instance.post('oauth2/revoke');
- return res.data;
- } catch (error) {
- console.error(error)
- }
-};
-
 router.get('/tabulation/signout',async function (req, res, next) {
 console.log("Logout");
- // At request level
- await revocTocken(req.cookies['tabulation_access_token']);
+
+ await revokeTabulationToken(req.cookies['tabulation_access_token']);
 res.clearCookie('tabulation_access_token');
 res.clearCookie('tabulation_id_token');
From 3043b718f2cfcab52c6c79d262f936fa989859f9 Mon Sep 17 00:00:00 2001
From: Dinuka De Silva
Date: Mon, 20 Jul 2020 20:28:26 +0530
Subject: [PATCH 3/3] adding the logout url to the tabulation logout
---
 routes/auth.js | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/routes/auth.js b/routes/auth.js
index 5a11128..55538bc 100644
--- a/routes/auth.js
+++ b/routes/auth.js
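Review bot: The signout handler awaits revokeTabulationToken with `req.cookies['tabulation_access_token']` even when that cookie is absent, sending `undefined` to the revocation endpoint; guard it with `const accessToken = req.cookies['tabulation_access_token']; if (accessToken) await revokeTabulationToken(accessToken);`. The route also performs a state change (token revocation plus cookie clearing) on a GET, so any page the user visits can trigger it simply by linking to the URL; a POST carrying a CSRF token, or at minimum a same-site check, is the usual remedy for a logout endpoint. The handler's body continues past the end of this hunk.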
@@ -237,11 +237,13 @@ router.get('/tabulation/signout',async function (req, res, next) {
 await revokeTabulationToken(req.cookies['tabulation_access_token']);
+ var URL = logoutUrl + "?id_token_hint=" + req.cookies['tabulation_id_token'] + "&post_logout_redirect_uri=" + tabulationConfig.clientRedirectUri;
+
 res.clearCookie('tabulation_access_token');
 res.clearCookie('tabulation_id_token');
 res.clearCookie('userinfo');
- res.redirect(getTabulationAuthorizationUrl());
+ res.redirect(URL);
 });
 module.exports = router;
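Review bot: The logout URL on the new `var URL = …` line is assembled by string concatenation, so `post_logout_redirect_uri` (which contains `://`) and the raw id_token cookie value are placed in the query string unencoded, and the `var URL` name shadows Node's global URL class; build it with the URL API instead (below). `logoutUrl` is not defined anywhere in this patch series — if it is not declared elsewhere in routes/auth.js the handler throws a ReferenceError on every signout. When the `tabulation_id_token` cookie is missing, the literal string `undefined` becomes the id_token_hint; omit the parameter in that case.
```javascript
  // … unchanged: await revokeTabulationToken(...) …
  const logoutTarget = new URL(logoutUrl);
  const idToken = req.cookies['tabulation_id_token'];
  if (idToken) logoutTarget.searchParams.set('id_token_hint', idToken);
  logoutTarget.searchParams.set('post_logout_redirect_uri', tabulationConfig.clientRedirectUri);
  // … unchanged: res.clearCookie calls …
  res.redirect(logoutTarget.toString());
```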