proper agent connect logout mechanism

2024-03-18 11:16:10 +01:00 · 2024-03-18 11:16:10 +01:00 · dca3727253
commit dca3727253
parent 597342fe9d
2 changed files with 26 additions and 0 deletions
--- a/app/controllers/users/sessions_controller.rb
+++ b/app/controllers/users/sessions_controller.rb
@ -44,13 +44,20 @@ class Users::SessionsController < Devise::SessionsController
  def destroy
    if user_signed_in?
      connected_with_france_connect = current_user.loged_in_with_france_connect
+      agent_connect_id_token = current_user&.instructeur&.agent_connect_id_token

      current_user.update(loged_in_with_france_connect: nil)
+      current_user&.instructeur&.update(agent_connect_id_token: nil)
+
      sign_out :user

      if connected_with_france_connect == User.loged_in_with_france_connects.fetch(:particulier)
        return redirect_to FRANCE_CONNECT[:particulier][:logout_endpoint], allow_other_host: true
      end
+
+      if agent_connect_id_token.present?
+        return redirect_to build_agent_connect_logout_url(agent_connect_id_token), allow_other_host: true
+      end
    end

    respond_to_on_destroy
@ -98,4 +105,11 @@ class Users::SessionsController < Devise::SessionsController
  def logout
    redirect_to root_path, notice: I18n.t('devise.sessions.signed_out')
  end
+
+  private
+
+  def build_agent_connect_logout_url(id_token)
+    h = { id_token_hint: id_token, post_logout_redirect_uri: logout_url }
+    "#{ENV['AGENT_CONNECT_BASE_URL']}/api/v2/session/end?#{h.to_query}"
+  end
 end
--- a/spec/controllers/users/sessions_controller_spec.rb
+++ b/spec/controllers/users/sessions_controller_spec.rb
@ -81,6 +81,8 @@ describe Users::SessionsController, type: :controller do

  describe '#destroy' do
    let!(:user) { create(:user, email: email, password: password, loged_in_with_france_connect: loged_in_with_france_connect) }
+    let!(:instructeur) { create(:instructeur, user: user, agent_connect_id_token:) }
+    let(:agent_connect_id_token) { nil }

    before do
      sign_in user
@ -111,6 +113,16 @@ describe Users::SessionsController, type: :controller do
        expect(response).to redirect_to(root_path)
      end
    end
+
+    context 'when user is connect with agent connect' do
+      let(:loged_in_with_france_connect) { nil }
+      let(:agent_connect_id_token) { 'qwerty' }
+
+      it 'redirect to agent connect logout page' do
+        expect(response.location).to include(agent_connect_id_token)
+        expect(instructeur.reload.agent_connect_id_token).to be_nil
+      end
+    end
  end

  describe '#new' do