[slo] added slo functionality to main logoutbutton

ba02f861 · Wolfgang Knopki · 9d956240 · ba02f861 · ba02f861
Commit ba02f861 authored Sep 18, 2020 by Wolfgang Knopki
--- a/config/default.json
+++ b/config/default.json
@@ -33,5 +33,6 @@

  "path" : "http://localhost:9666/saml/SSO",
  "entryPoint" : "https://m4lab.hft-stuttgart.de/idp/saml2/idp/SSOService.php",
-  "issuer" : "spacedeck.m4lab.hft-stuttgart.de"
+  "issuer" : "spacedeck.m4lab.hft-stuttgart.de",
+  "logoutUrl": "https://m4lab.hft-stuttgart.de/idp/saml2/idp/SingleLogoutService.php"
 }
--- a/routes/root.js
+++ b/routes/root.js
@@ -32,6 +32,7 @@ const uuidv4 = require('uuid/v4');
  var samlStrategy = new SamlStrategy({
      // URL that goes from the Identity Provider -> Service Provider
      callbackUrl: config.path,
+      logoutUrl: config.logoutUrl,

      entryPoint: config.entryPoint,
      issuer: config.issuer,
@@ -245,10 +246,58 @@ router.get('/login', passport.authenticate('saml',
 //  res.render('spacedeck', { config:config, user:req.user });
 //});

+function samlLogout(req,res){
+console.log("enter samlLogout")
+try{
+    samlStrategy.logout(req, function(err,uri){
+        if(err) console.log("can't generate logout URL: ${err}");
+        req.logout();
+        var token = req.cookies['sdsession'];
+        db.Session.findOne({where: {token: token}})
+            .then(session => {
+                session.destroy();
+            });
+        var domain = (process.env.NODE_ENV == "production") ? new URL(config.get('endpoint')).hostname : req.headers.hostname;
+        res.clearCookie('sdsession', { domain: domain });
+        console.log("clear Cookie")
+        res.redirect(uri);
+    });
+}catch(err){
+    if(err) console.log(`Exception on URL: ${err}`);
+    req.logout();
+    var token = req.cookies['sdsession'];
+    db.Session.findOne({where: {token: token}})
+        .then(session => {
+            session.destroy();
+        });
+    var domain = (process.env.NODE_ENV == "production") ? new URL(config.get('endpoint')).hostname : req.headers.hostname;
+    res.clearCookie('sdsession', { domain: domain });
+    console.log("clear Cookie on error")
+    res.redirect("/login");
+    }
+}
+
 router.get('/logout', (req, res) => {
-  res.render('spacedeck', { config:config, user:req.user });
+    console.log("logout pressed")
+    if (req.user == null) {
+        console.log("req.user == null");
+        return res.redirect('/');
+    }
+    samlLogout(req,res);
 });

+router.get('/saml/SLO', (req, res, next) => {
+        console.log("received logout request");
+        var token=req.cookies['sdsession'];
+        if(token) {
+            return next();
+        } else {
+            return res.redirect('/'); //best be landing page of everything
+        }
+    },
+    samlLogout
+);
+
 router.get('/t/:id', (req, res) => {
  res.cookie('spacedeck_locale', req.params.id, { maxAge: 900000, httpOnly: true });
  var path = "/";