diff --git a/lib/livebook/zta.ex b/lib/livebook/zta.ex index 4d4d8c2a2..b4ecaa6a4 100644 --- a/lib/livebook/zta.ex +++ b/lib/livebook/zta.ex @@ -45,6 +45,11 @@ defmodule Livebook.ZTA do """ @callback authenticate(name(), Plug.Conn.t(), keyword()) :: {Plug.Conn.t(), metadata() | nil} + @doc """ + Logouts against the given name. + """ + @callback logout(name(), Phoenix.LiveView.Socket.t()) :: :ok | :error + @doc false def init do :ets.new(__MODULE__, [:named_table, :public, :set, read_concurrency: true]) diff --git a/lib/livebook/zta/basic_auth.ex b/lib/livebook/zta/basic_auth.ex index 606ed2d11..d4b2817e5 100644 --- a/lib/livebook/zta/basic_auth.ex +++ b/lib/livebook/zta/basic_auth.ex @@ -16,7 +16,7 @@ defmodule Livebook.ZTA.BasicAuth do end @impl true - def authenticate(name, conn, _options) do + def authenticate(name, conn, _opts) do {username, password} = Livebook.ZTA.get(name) conn = Plug.BasicAuth.basic_auth(conn, username: username, password: password) @@ -26,4 +26,9 @@ defmodule Livebook.ZTA.BasicAuth do {conn, %{}} end end + + @impl true + def logout(_name, _socket) do + :error + end end diff --git a/lib/livebook/zta/cloudflare.ex b/lib/livebook/zta/cloudflare.ex index 6b78c8713..c3b19cafa 100644 --- a/lib/livebook/zta/cloudflare.ex +++ b/lib/livebook/zta/cloudflare.ex @@ -25,6 +25,11 @@ defmodule Livebook.ZTA.Cloudflare do {conn, authenticate_user(token, identity, keys)} end + @impl true + def logout(_name, _socket) do + :error + end + @impl true def init(options) do state = struct!(__MODULE__, options) diff --git a/lib/livebook/zta/google_iap.ex b/lib/livebook/zta/google_iap.ex index 123efef0d..703809d08 100644 --- a/lib/livebook/zta/google_iap.ex +++ b/lib/livebook/zta/google_iap.ex @@ -25,6 +25,11 @@ defmodule Livebook.ZTA.GoogleIAP do {conn, authenticate_user(token, identity, keys)} end + @impl true + def logout(_name, _socket) do + :error + end + @impl true def init(options) do state = struct!(__MODULE__, options) diff --git a/lib/livebook/zta/livebook_teams.ex b/lib/livebook/zta/livebook_teams.ex index beaad1dc5..035c75324 100644 --- a/lib/livebook/zta/livebook_teams.ex +++ b/lib/livebook/zta/livebook_teams.ex @@ -35,6 +35,16 @@ defmodule Livebook.ZTA.LivebookTeams do end end + @impl true + def logout(name, %{assigns: %{current_user: %{payload: %{"access_token" => token}}}}) do + team = Livebook.ZTA.get(name) + + case Teams.Requests.logout_identity_provider(team, token) do + {:ok, _no_content} -> :ok + _ -> :error + end + end + defp handle_request(conn, team, %{"teams_identity" => _, "code" => code}) do with {:ok, access_token} <- retrieve_access_token(team, code), {:ok, metadata} <- get_user_info(team, access_token) do diff --git a/lib/livebook/zta/pass_through.ex b/lib/livebook/zta/pass_through.ex index 77a6a9cc4..41dceb42c 100644 --- a/lib/livebook/zta/pass_through.ex +++ b/lib/livebook/zta/pass_through.ex @@ -7,7 +7,12 @@ defmodule Livebook.ZTA.PassThrough do end @impl true - def authenticate(_, conn, _) do + def authenticate(_name, conn, _opts) do {conn, %{}} end + + @impl true + def logout(_name, _socket) do + :error + end end diff --git a/lib/livebook/zta/tailscale.ex b/lib/livebook/zta/tailscale.ex index 15bf0fa42..4d7e6d36a 100644 --- a/lib/livebook/zta/tailscale.ex +++ b/lib/livebook/zta/tailscale.ex @@ -29,6 +29,11 @@ defmodule Livebook.ZTA.Tailscale do {conn, user} end + @impl true + def logout(_name, _socket) do + :error + end + defp authenticate_ip(remote_ip, address) do {url, options} = if String.starts_with?(address, "http") do