✨ logout #60

Merged
merged 4 commits into from
May 22, 2024


@AntoLC AntoLC commented May 14, 2024

Purpose

Add logout process based on People's.

Proposal

  • Add button on the frontend side
  • Add backend endpoints
  • Adapt helm chart

AntoLC and others added 2 commits May 22, 2024 11:31
Rework the header based on Johann's latest design, which introduced a
dropdown menu to manage user account.

In this menu, you can find a logout button, which ends the backend
session by calling the logout endpoint. Please note that automatic redirection
when receiving the backend response was disabled. We handle it in our
custom hook, which reloads the page.

As the session cookie has been cleared, on reloading the page, a new
login flow is initiated, and the user is redirected to the OIDC provider.

Prepare adding advanced authentication features. Create a dedicated
authentication Python package within the core app.

This code organization will be more extensible.

The default Logout view provided by Mozilla Django OIDC is not suitable
for the Agent Connect Logout flow.

Previously, when a user was logging out, only its Django session was ended.
However, its session in the OIDC provider was still active.

Agent Connect implements a 'session/end' endpoint, that allows services to
end the user session when they log out.

Agent Connect logout triggers cannot work with the default views implemented
by the dependency Mozilla Django OIDC. In their implementation, they decided
to end Django Session before redirecting to the OIDC provider.

The Django session needs to be retained during the logout process.

An OIDC state is saved to the request session, passed to Agent Connect Logout
endpoint, and verified when the backend receives the Logout callback from Agent
Connect. It seems to follow OIDC specifications.

If, for any reason, the Logout flow cannot be initiated with Agent Connect
(missing ID token in cache, unauthenticated user, etc.), the user is redirected
to the final URL, without interacting with Agent Connect.

Add the relevant environment configurations to make sure the backend
in dev and staging environments logs out the user from Agent Connect.
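
The logout flow described in the commit messages above, as an added, framework-free sketch that is not code from this pull request: the local session is kept until the provider's callback arrives, and the callback's `state` is compared in constant time with the one stored in the session. The endpoint and URLs are placeholders, the session key names and the two function names are hypothetical, the query parameters are those of OIDC RP-Initiated Logout, and leaving the session untouched on a state mismatch is this example's choice.

```python
import hmac
import secrets
from urllib.parse import urlencode

# Placeholders (assumptions, not values from the PR).
END_SESSION_ENDPOINT = "https://idp.example.test/session/end"
LOGOUT_CALLBACK_URL = "https://app.example.test/logout-callback/"
FINAL_URL = "https://app.example.test/"


def start_logout(session, authenticated):
    """Return the URL the user is redirected to when they click logout."""
    id_token = session.get("oidc_id_token")  # hypothetical session key
    if not authenticated or not id_token:
        # Fallback: the provider flow cannot be initiated, so end the local
        # session and go to the final URL without contacting the provider.
        session.clear()
        return FINAL_URL
    # The local session is NOT ended here: the state must survive the
    # round trip to the provider so the callback can be verified.
    state = secrets.token_urlsafe(32)
    session["oidc_logout_state"] = state  # hypothetical session key
    query = urlencode({
        "id_token_hint": id_token,
        "state": state,
        "post_logout_redirect_uri": LOGOUT_CALLBACK_URL,
    })
    return f"{END_SESSION_ENDPOINT}?{query}"


def finish_logout(session, callback_query):
    """Handle the provider's logout callback; return (redirect_url, state_ok)."""
    # pop() makes the state single-use, whether or not it matches.
    expected = session.pop("oidc_logout_state", None)
    received = callback_query.get("state", "")
    state_ok = expected is not None and hmac.compare_digest(
        expected.encode(), received.encode()
    )
    if state_ok:
        session.clear()  # only a verified callback ends the local session
    return FINAL_URL, state_ok
```

With this shape, a request to the callback URL that was not preceded by `start_logout` in the same session cannot end that session, which is what the stored state is for.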
@AntoLC AntoLC force-pushed the feature/logout branch 2 times, most recently from e9f3341 to 477374a Compare May 22, 2024 13:59
@AntoLC AntoLC marked this pull request as ready for review May 22, 2024 13:59
@AntoLC AntoLC enabled auto-merge (rebase) May 22, 2024 13:59
@AntoLC AntoLC merged commit abf08fe into main May 22, 2024
16 of 17 checks passed
@AntoLC AntoLC deleted the feature/logout branch May 22, 2024 14:08