Allow for configuration of logout url

2020-08-05 13:46:07 +02:00 · 2020-08-05 13:46:07 +02:00 · f9f966df75
parent 27f5c89f70
commit f9f966df75
3 changed files with 14 additions and 1 deletions
--- a/powerdnsadmin/models/setting.py
+++ b/powerdnsadmin/models/setting.py
@ -90,6 +90,7 @@ class Setting(db.Model):
        'oidc_oauth_api_url': '',
        'oidc_oauth_token_url': '',
        'oidc_oauth_authorize_url': '',
+        'oidc_oauth_logout_url': '',
        'oidc_oauth_username': 'preferred_username',
        'oidc_oauth_firstname': 'given_name',
        'oidc_oauth_last_name': 'family_name ',
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@ -453,6 +453,13 @@ def logout():
                session_index=session['samlSessionIndex'],
                name_id=session['samlNameId']))

+    redirect_uri = url_for('index.login')
+    oidc_logout = Setting().get('oidc_oauth_logout_url')
+
+    if 'oidc_token' in session and oidc_logout:
+        redirect_uri = "{}?redirect_uri={}".format(
+            oidc_logout, url_for('index.login', _external=True))
+
    # Clean cookies and flask session
    clear_session()

@ -476,7 +483,7 @@ def logout():

        return res

-    return redirect(url_for('index.login'))
+    return redirect(redirect_uri)


@index_bp.route('/register', methods=['GET', 'POST'])
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@ -522,6 +522,11 @@
                                                    <input type="text" class="form-control" name="oidc_oauth_authorize_url" id="oidc_oauth_authorize_url" placeholder="e.g. https://oidc.com/login/oauth/authorize" data-error="Plesae input Authorize URL" value="{{ SETTING.get('oidc_oauth_authorize_url') }}">
                                                    <span class="help-block with-errors"></span>
                                                </div>
+                                                <div class="form-group">
+                                                    <label for="oidc_oauth_logout_url">Logout URL</label>
+                                                    <input type="text" class="form-control" name="oidc_oauth_logout_url" id="oidc_oauth_authorize_url" placeholder="e.g. https://oidc.com/login/oauth/logout" data-error="Please input Logout URL" value="{{ SETTING.get('oidc_oauth_logout_url') }}">
+                                                    <span class="help-block with-errors"></span>
+                                                </div>
                                            </fieldset>
                                            <fieldset>
                                                <legend>CLAIMS</legend>