mirror of
				https://github.com/livebook-dev/livebook.git
				synced 2025-10-25 04:46:04 +08:00 
			
		
		
		
	Redirects the user to Teams logout page (#2959)
This commit is contained in:
		
							parent
							
								
									bb77d48f63
								
							
						
					
					
						commit
						07f5409396
					
				
					 6 changed files with 24 additions and 64 deletions
				
			
		|  | @ -238,15 +238,6 @@ defmodule Livebook.Teams.Requests do | |||
|     get("/api/v1/org/identity", %{access_token: access_token}, team) | ||||
|   end | ||||
| 
 | ||||
|   @doc """ | ||||
|   Send a request to Livebook Team API to revoke session from given access token. | ||||
|   """ | ||||
|   @spec logout_identity_provider(Team.t(), String.t()) :: | ||||
|           {:ok, String.t()} | {:error, map()} | {:transport_error, String.t()} | ||||
|   def logout_identity_provider(team, access_token) do | ||||
|     post("/api/v1/org/identity/revoke", %{access_token: access_token}, team) | ||||
|   end | ||||
| 
 | ||||
|   @doc """ | ||||
|   Normalizes errors map into errors for the given schema. | ||||
|   """ | ||||
|  |  | |||
|  | @ -38,14 +38,19 @@ defmodule Livebook.ZTA.LivebookTeams do | |||
|   # Our extension to Livebook.ZTA to deal with logouts | ||||
|   def logout(name, conn) do | ||||
|     token = get_session(conn, :livebook_teams_access_token) | ||||
| 
 | ||||
|     team = Livebook.ZTA.get(name) | ||||
| 
 | ||||
|     case Teams.Requests.logout_identity_provider(team, token) do | ||||
|       {:ok, _no_content} -> :ok | ||||
|       {:error, %{}} -> {:error, "You are already logged out."} | ||||
|       {:transport_error, reason} -> {:error, reason} | ||||
|     end | ||||
|     url = | ||||
|       Livebook.Config.teams_url() | ||||
|       |> URI.new!() | ||||
|       |> URI.append_path("/identity/logout") | ||||
|       |> URI.append_query("org_id=#{team.org_id}&access_token=#{token}") | ||||
|       |> URI.to_string() | ||||
| 
 | ||||
|     conn | ||||
|     |> configure_session(renew: true) | ||||
|     |> clear_session() | ||||
|     |> redirect(external: url) | ||||
|   end | ||||
| 
 | ||||
|   defp handle_request(conn, team, %{"teams_identity" => _, "code" => code}) do | ||||
|  |  | |||
|  | @ -17,15 +17,11 @@ defmodule LivebookWeb.UserController do | |||
|     conn | ||||
|     |> configure_session(renew: true) | ||||
|     |> clear_session() | ||||
|     |> render("logout.html") | ||||
|     |> redirect(to: ~p"/") | ||||
|   end | ||||
| 
 | ||||
|   defp do_zta_logout(conn) do | ||||
|     {_type, module, _key} = Livebook.Config.identity_provider() | ||||
| 
 | ||||
|     case module.logout(LivebookWeb.ZTA, conn) do | ||||
|       :ok -> do_logout(conn) | ||||
|       {:error, reason} -> conn |> redirect(to: ~p"/") |> put_flash(:error, reason) | ||||
|     end | ||||
|     module.logout(LivebookWeb.ZTA, conn) | ||||
|   end | ||||
| end | ||||
|  |  | |||
|  | @ -1,18 +0,0 @@ | |||
| <div class="h-screen w-full px-4 py-8 bg-gray-900 flex justify-center items-center"> | ||||
|   <div class="max-w-[400px] w-full flex flex-col"> | ||||
|     <a href={~p"/"} class="mb-2 -ml-2"> | ||||
|       <img src={~p"/images/logo.png"} height="96" width="96" alt="livebook" /> | ||||
|     </a> | ||||
|     <div class="mb-2 text-xl text-gray-100 font-medium"> | ||||
|       You have been logged out | ||||
|     </div> | ||||
| 
 | ||||
|     <div class="mb-8 text-sm text-gray-200"> | ||||
|       Thank you for using <strong>Livebook</strong> | ||||
|     </div> | ||||
| 
 | ||||
|     <div class="text-gray-50 w-full"> | ||||
|       <.button navigate={~p"/"}>Sign in back</.button> | ||||
|     </div> | ||||
|   </div> | ||||
| </div> | ||||
|  | @ -128,12 +128,15 @@ defmodule Livebook.ZTA.LivebookTeamsTest do | |||
|         build_conn(:get, "/") | ||||
|         |> init_test_session(Plug.Conn.get_session(conn)) | ||||
| 
 | ||||
|       assert LivebookTeams.logout(test, conn) == :ok | ||||
|       assert %{status: 302} = conn = LivebookTeams.logout(test, conn) | ||||
|       [url] = get_resp_header(conn, "location") | ||||
|       assert %{status: 200} = Req.get!(url) | ||||
| 
 | ||||
|       # Step 5: If we try to revoke again, it should fail | ||||
|       assert {:error, _} = LivebookTeams.logout(test, conn) | ||||
|       # Step 5: It we try to authenticate again, it should redirect to Teams | ||||
|       conn = | ||||
|         build_conn(:get, "/") | ||||
|         |> init_test_session(Plug.Conn.get_session(conn)) | ||||
| 
 | ||||
|       # Step 6: It we try to authenticate again, it should redirect to Teams | ||||
|       {conn, nil} = LivebookTeams.authenticate(test, conn, []) | ||||
|       assert conn.halted | ||||
|       assert html_response(conn, 200) =~ "window.location.href = " | ||||
|  |  | |||
|  | @ -2,28 +2,11 @@ defmodule LivebookWeb.UserControllerTest do | |||
|   use LivebookWeb.ConnCase, async: true | ||||
| 
 | ||||
|   describe "GET /logout" do | ||||
|     test "renders logout template when logged in", %{conn: conn} do | ||||
|       conn = login_user(conn) | ||||
| 
 | ||||
|       conn = get(conn, ~p"/logout") | ||||
| 
 | ||||
|       assert html_response(conn, 200) =~ "You have been logged out" | ||||
|     end | ||||
| 
 | ||||
|     test "redirects when already logged out", %{conn: conn} do | ||||
|       conn = logout_user(conn) | ||||
| 
 | ||||
|       conn = get(conn, ~p"/logout") | ||||
| 
 | ||||
|       assert redirected_to(conn) == ~p"/" | ||||
|     end | ||||
| 
 | ||||
|     defp login_user(conn) do | ||||
|       Phoenix.ConnTest.init_test_session(conn, %{user_id: 1}) | ||||
|     end | ||||
| 
 | ||||
|     defp logout_user(conn) do | ||||
|       Phoenix.ConnTest.init_test_session(conn, %{}) | ||||
|       assert conn | ||||
|              |> Phoenix.ConnTest.init_test_session(%{}) | ||||
|              |> get(~p"/logout") | ||||
|              |> redirected_to() == ~p"/" | ||||
|     end | ||||
|   end | ||||
| end | ||||
|  |  | |||
		Loading…
	
	Add table
		
		Reference in a new issue