Logout from idp only when end_session_endpoint

MarcialRosales · MarcialRosales · commit baf253a5c74c · 2024-04-23T12:06:34.000+02:00
is available
diff --git a/deps/rabbitmq_management/priv/www/js/main.js b/deps/rabbitmq_management/priv/www/js/main.js
@@ -167,7 +167,7 @@ function start_app_login () {
       });
     }
   })
-  // TODO REFACTOR: this code can be simplified
+  
   if (oauth.enabled) {
     if (has_auth_credentials()) {
       check_login();
diff --git a/deps/rabbitmq_management/priv/www/js/oidc-oauth/helper.js b/deps/rabbitmq_management/priv/www/js/oidc-oauth/helper.js
@@ -243,11 +243,23 @@ function oauth_completeLogin() {
 
 function oauth_initiateLogout() {
   if (oauth.sp_initiated) {
-    mgr.signoutRedirect()
+    mgr.metadataService.getEndSessionEndpoint().then(endpoint => {
+      if (endpoint == undefined) {
+        // Logout only from management UI 
+        mgr.removeUser().then(res => {
+          clear_auth()
+          oauth_redirectToLogin()
+        })
+      }else {
+        // OpenId Connect RP-Initiated Logout
+        mgr.signoutRedirect()
+      }
+    })
   } else {
     go_to_authority()
   }
 }
+
 function oauth_completeLogout() {
     clear_auth()
     mgr.signoutRedirectCallback().then(_ => oauth_redirectToLogin())
@@ -265,8 +277,5 @@ function validate_openid_configuration(payload) {
   if (typeof payload.jwks_uri != 'string') {
     throw new Error("Missing jwks_uri")
   }
-  if (typeof payload.end_session_endpoint != 'string') {
-    throw new Error("Missing end_session_endpoint")
-  }
 
 }

Original file line number	Diff line number	Diff line change
`@@ -167,7 +167,7 @@ function start_app_login () {`
`167`	`167`	`});`
`168`	`168`	`}`
`169`	`169`	`})`
`170`		`- // TODO REFACTOR: this code can be simplified`
	`170`	`+`
`171`	`171`	`if (oauth.enabled) {`
`172`	`172`	`if (has_auth_credentials()) {`
`173`	`173`	`check_login();`