Merge branch 'fix-logout' into 'master'

Add Logout button before skipping auth See merge request openappstack/single-sign-on!14

Merge branch 'fix-logout' into 'master'
Add Logout button before skipping auth See merge request openappstack/single-sign-on!14
db29e1d1 · Varac · 9268b8e8 · 3c10db38 · db29e1d1 · db29e1d1
Commit db29e1d1 authored 5 years ago by Varac
--- a/login_provider/app.py
+++ b/login_provider/app.py
@@ -79,8 +79,21 @@ def login():
    # Skip, if true, let's us know that Hydra has already successfully authenticated
    # the user. we don't need to check anything and we can accept the request right away.
    elif login_request.skip:
-        app.logger.info("{0} is already logged in. Skip authentication".format(login_request.subject))
+        skip = request.args.get("skip")
-        return redirect(login_request.accept(login_request.subject))
+        logout = request.args.get("logout")
+        if skip:
+            app.logger.info("{0} is already logged in. Skip authentication".format(login_request.subject))
+            return redirect(login_request.accept(login_request.subject))
+        elif logout:
+            login_form.challenge.data = challenge
+            HYDRA.invalidate_login_sessions(login_request.subject);
+            return redirect(login_request.reject(
+                "Login cancelled",
+                error_description="Login was cancelled and user session was terminated "))
+        else:
+            return render_template('skip.html', challenge=challenge, logo=login_request.client.logo_uri, application_name=login_request.client.client_name, username=login_request.subject)
    # If Skip is not true and the user has not submitted any data via a form, we need
    # to display a login form for the user to type in their username and password.

--- a/login_provider/templates/skip.html
+++ b/login_provider/templates/skip.html
+<!doctype html>
+<title>OAS authentication service</title>
+<div style='margin: 0 auto ; width: 350px; padding:20px; border-style:solid; border-color:#6c757d; border-width: 1px; background-color: #f8f9fa; font-family: "Segoe UI", Roboto; font-family: "Helvetica Neue", Arial; font-family: "Noto Sans", sans-serif;'>
+  {% if logo %}
+  <div style="position:relative; width: 350px; height:100px">
+        <img style="overflow: auto; top: 0; left: 0; bottom: 0; right: 0; position: absolute; margin: auto;max-width: 300px; max-height: 100px" src="{{logo}}" alt="Logo of application"></img>
+  </div>
+  {% endif %}
+  <h1>Log in to {{ application_name }}</h1>
+  <div style="width: 100%; margin-bottom: 5px; overflow: auto">
+      <div style="width:60%; float:left"><button onclick="window.location.href = '/login?login_challenge={{ challenge }}&skip=true';">Continue with {{ username }}</button></div>
+      <div style="width:40%; float:left;"><button onclick="window.location.href = '/login?login_challenge={{ challenge }}&logout=true';">Logout</button></div>
+  </div>
+</div>