livebook-dev/livebook
1
1
Fork 0
mirror of https://github.com/livebook-dev/livebook.git synced 2025-10-27 22:06:38 +08:00
Code Issues Projects Releases Packages Wiki Activity

Redirects the user to Teams logout page (#2959)

Browse source
This commit is contained in:
Alexandre de Souza 2025-03-14 09:35:25 -03:00 committed by Jonatan Kłosko
parent bb77d48f63
commit 07f5409396
6 changed files with 24 additions and 64 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
lib/livebook/teams/requests.ex
View file

@ -238,15 +238,6 @@ defmodule Livebook.Teams.Requests do
get("/api/v1/org/identity", %{access_token: access_token}, team) get("/api/v1/org/identity", %{access_token: access_token}, team)
end end
@doc """
Send a request to Livebook Team API to revoke session from given access token.
"""
@spec logout_identity_provider(Team.t(), String.t()) ::
{:ok, String.t()} | {:error, map()} | {:transport_error, String.t()}
def logout_identity_provider(team, access_token) do
post("/api/v1/org/identity/revoke", %{access_token: access_token}, team)
end
@doc """ @doc """
Normalizes errors map into errors for the given schema. Normalizes errors map into errors for the given schema.
""" """

17
lib/livebook/zta/livebook_teams.ex
View file

@ -38,14 +38,19 @@ defmodule Livebook.ZTA.LivebookTeams do
# Our extension to Livebook.ZTA to deal with logouts # Our extension to Livebook.ZTA to deal with logouts
def logout(name, conn) do def logout(name, conn) do
token = get_session(conn, :livebook_teams_access_token) token = get_session(conn, :livebook_teams_access_token)
team = Livebook.ZTA.get(name) team = Livebook.ZTA.get(name)
case Teams.Requests.logout_identity_provider(team, token) do url =
{:ok, _no_content} -> :ok Livebook.Config.teams_url()
{:error, %{}} -> {:error, "You are already logged out."} |> URI.new!()
{:transport_error, reason} -> {:error, reason} |> URI.append_path("/identity/logout")
end |> URI.append_query("org_id=#{team.org_id}&access_token=#{token}")
|> URI.to_string()
conn
|> configure_session(renew: true)
|> clear_session()
|> redirect(external: url)
end end
defp handle_request(conn, team, %{"teams_identity" => _, "code" => code}) do defp handle_request(conn, team, %{"teams_identity" => _, "code" => code}) do

8
lib/livebook_web/controllers/user_controller.ex
View file

@ -17,15 +17,11 @@ defmodule LivebookWeb.UserController do
conn conn
|> configure_session(renew: true) |> configure_session(renew: true)
|> clear_session() |> clear_session()
|> render("logout.html") |> redirect(to: ~p"/")
end end
defp do_zta_logout(conn) do defp do_zta_logout(conn) do
{_type, module, _key} = Livebook.Config.identity_provider() {_type, module, _key} = Livebook.Config.identity_provider()
module.logout(LivebookWeb.ZTA, conn)
case module.logout(LivebookWeb.ZTA, conn) do
:ok -> do_logout(conn)
{:error, reason} -> conn |> redirect(to: ~p"/") |> put_flash(:error, reason)
end
end end
end end

18
lib/livebook_web/controllers/user_html/logout.html.heex
View file

@ -1,18 +0,0 @@
<div class="h-screen w-full px-4 py-8 bg-gray-900 flex justify-center items-center">
<div class="max-w-[400px] w-full flex flex-col">
<a href={~p"/"} class="mb-2 -ml-2">
<img src={~p"/images/logo.png"} height="96" width="96" alt="livebook" />
</a>
<div class="mb-2 text-xl text-gray-100 font-medium">
You have been logged out
</div>
<div class="mb-8 text-sm text-gray-200">
Thank you for using <strong>Livebook</strong>
</div>
<div class="text-gray-50 w-full">
<.button navigate={~p"/"}>Sign in back</.button>
</div>
</div>
</div>

11
test/livebook_teams/zta/livebook_teams_test.exs
View file

@ -128,12 +128,15 @@ defmodule Livebook.ZTA.LivebookTeamsTest do
build_conn(:get, "/") build_conn(:get, "/")
|> init_test_session(Plug.Conn.get_session(conn)) |> init_test_session(Plug.Conn.get_session(conn))
assert LivebookTeams.logout(test, conn) == :ok assert %{status: 302} = conn = LivebookTeams.logout(test, conn)
[url] = get_resp_header(conn, "location")
assert %{status: 200} = Req.get!(url)
# Step 5: If we try to revoke again, it should fail # Step 5: It we try to authenticate again, it should redirect to Teams
assert {:error, _} = LivebookTeams.logout(test, conn) conn =
build_conn(:get, "/")
|> init_test_session(Plug.Conn.get_session(conn))
# Step 6: It we try to authenticate again, it should redirect to Teams
{conn, nil} = LivebookTeams.authenticate(test, conn, []) {conn, nil} = LivebookTeams.authenticate(test, conn, [])
assert conn.halted assert conn.halted
assert html_response(conn, 200) =~ "window.location.href = " assert html_response(conn, 200) =~ "window.location.href = "

25
test/livebook_web/controllers/user_controller_test.exs
View file

@ -2,28 +2,11 @@ defmodule LivebookWeb.UserControllerTest do
use LivebookWeb.ConnCase, async: true use LivebookWeb.ConnCase, async: true
describe "GET /logout" do describe "GET /logout" do
test "renders logout template when logged in", %{conn: conn} do
conn = login_user(conn)
conn = get(conn, ~p"/logout")
assert html_response(conn, 200) =~ "You have been logged out"
end
test "redirects when already logged out", %{conn: conn} do test "redirects when already logged out", %{conn: conn} do
conn = logout_user(conn) assert conn
|> Phoenix.ConnTest.init_test_session(%{})
conn = get(conn, ~p"/logout") |> get(~p"/logout")
|> redirected_to() == ~p"/"
assert redirected_to(conn) == ~p"/"
end
defp login_user(conn) do
Phoenix.ConnTest.init_test_session(conn, %{user_id: 1})
end
defp logout_user(conn) do
Phoenix.ConnTest.init_test_session(conn, %{})
end end
end end
end end