Merge pull request #61 from resource-watch/staging

Deploy logout redirect to production

Author: tanderegg

src/providers/okta.provider.ts

@@ -698,10 +698,19 @@ export class OktaProvider {
         if (!user) {
             return ctx.throw(401, 'Not logged');
         }
-        await OktaService.logoutUser(user);
 
+        let redirect_uri: string = '/auth/login';
+
+        if (ctx.session.callbackUrl) {
+          logger.info('[OktaProvider] - Url redirect', ctx.session.callbackUrl);
+
+          redirect_uri = ctx.session.callbackUrl;
+        }
+
+        await OktaService.logoutUser(user);
         await ctx.logout();
-        ctx.redirect('/auth/login');
+
+        ctx.redirect(redirect_uri.toString());
     }
 
     static async signUp(ctx: Context): Promise<void> {

test/e2e/okta/okta-oauth-user-logout.spec.ts

@@ -76,6 +76,30 @@ describe('[OKTA] GET logout current user session', () => {
         response.status.should.equal(200);
     });
 
+    it('Logging out with callbackUrl should redirect', async () => {
+
+        nock('https://www.wikipedia.org')
+            .get('/')
+            .reply(200, 'ok');
+
+        const user: OktaUser = getMockOktaUser();
+        const token: string = mockValidJWT({
+            id: user.profile.legacyId,
+            email: user.profile.email,
+            role: user.profile.role,
+            extraUserData: { apps: user.profile.apps },
+        });
+        mockOktaListUsers({ limit: 1, search: `(profile.legacyId eq "${user.profile.legacyId}")` }, [user]);
+        mockOktaLogoutUser(user.id);
+
+        const response: request.Response = await requester
+          .get(`/auth/logout?callbackUrl=https://www.wikipedia.org/`)
+          .set('Authorization', `Bearer ${token}`);
+
+        response.should.redirect;
+        response.should.redirectTo('https://www.wikipedia.org/');
+    });
+
     after(async () => {
         await closeTestAgent();
     });