proper agent connect logout mechanism

This commit is contained in:
simon lehericey 2024-03-18 11:16:10 +01:00
parent 597342fe9d
commit dca3727253
2 changed files with 26 additions and 0 deletions

View file

@ -44,13 +44,20 @@ class Users::SessionsController < Devise::SessionsController
def destroy
if user_signed_in?
connected_with_france_connect = current_user.loged_in_with_france_connect
agent_connect_id_token = current_user&.instructeur&.agent_connect_id_token
current_user.update(loged_in_with_france_connect: nil)
current_user&.instructeur&.update(agent_connect_id_token: nil)
sign_out :user
if connected_with_france_connect == User.loged_in_with_france_connects.fetch(:particulier)
return redirect_to FRANCE_CONNECT[:particulier][:logout_endpoint], allow_other_host: true
end
if agent_connect_id_token.present?
return redirect_to build_agent_connect_logout_url(agent_connect_id_token), allow_other_host: true
end
end
respond_to_on_destroy
@ -98,4 +105,11 @@ class Users::SessionsController < Devise::SessionsController
def logout
redirect_to root_path, notice: I18n.t('devise.sessions.signed_out')
end
private
def build_agent_connect_logout_url(id_token)
h = { id_token_hint: id_token, post_logout_redirect_uri: logout_url }
"#{ENV['AGENT_CONNECT_BASE_URL']}/api/v2/session/end?#{h.to_query}"
end
end

View file

@ -81,6 +81,8 @@ describe Users::SessionsController, type: :controller do
describe '#destroy' do
let!(:user) { create(:user, email: email, password: password, loged_in_with_france_connect: loged_in_with_france_connect) }
let!(:instructeur) { create(:instructeur, user: user, agent_connect_id_token:) }
let(:agent_connect_id_token) { nil }
before do
sign_in user
@ -111,6 +113,16 @@ describe Users::SessionsController, type: :controller do
expect(response).to redirect_to(root_path)
end
end
context 'when user is connect with agent connect' do
let(:loged_in_with_france_connect) { nil }
let(:agent_connect_id_token) { 'qwerty' }
it 'redirect to agent connect logout page' do
expect(response.location).to include(agent_connect_id_token)
expect(instructeur.reload.agent_connect_id_token).to be_nil
end
end
end
describe '#new' do