Compare commits
No commits in common. "809579aa64deea840c9cab9c6f5b54c4892b91c0" and "a27c06c5f6943805cd5e5bf2a4ba015283c8e1b5" have entirely different histories.
809579aa64
...
a27c06c5f6
@ -148,10 +148,11 @@ public function handleMicrosoftCallback(Request $request)
|
|||||||
return $this->redirectUserBasedOnRole($user);
|
return $this->redirectUserBasedOnRole($user);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Log the user out of the application.
|
||||||
|
*/
|
||||||
public function logout(Request $request)
|
public function logout(Request $request)
|
||||||
{
|
{
|
||||||
$user = Auth::user();
|
|
||||||
|
|
||||||
Auth::logout();
|
Auth::logout();
|
||||||
|
|
||||||
$request->session()->invalidate();
|
$request->session()->invalidate();
|
||||||
@ -159,19 +160,7 @@ public function logout(Request $request)
|
|||||||
|
|
||||||
// Redirect to Microsoft's logout URL to log the user out of Microsoft as well
|
// Redirect to Microsoft's logout URL to log the user out of Microsoft as well
|
||||||
try {
|
try {
|
||||||
$tenant = config('services.microsoft.tenant', 'common');
|
$microsoftLogoutUrl = Socialite::driver('microsoft')->getLogoutUrl(route('login'));
|
||||||
$logoutUrl = "https://login.microsoftonline.com/{$tenant}/oauth2/v2.0/logout";
|
|
||||||
|
|
||||||
$params = [
|
|
||||||
'post_logout_redirect_uri' => route('login'),
|
|
||||||
];
|
|
||||||
|
|
||||||
if ($user && $user->email) {
|
|
||||||
// Pass logout_hint to bypass Microsoft's "Pick an account" selection screen
|
|
||||||
$params['logout_hint'] = $user->email;
|
|
||||||
}
|
|
||||||
|
|
||||||
$microsoftLogoutUrl = $logoutUrl . '?' . http_build_query($params);
|
|
||||||
return redirect($microsoftLogoutUrl);
|
return redirect($microsoftLogoutUrl);
|
||||||
} catch (\Exception $e) {
|
} catch (\Exception $e) {
|
||||||
return redirect()->route('login')->with('success', 'Logged out successfully.');
|
return redirect()->route('login')->with('success', 'Logged out successfully.');
|
||||||
|
|||||||
Binary file not shown.
|
Before Width: | Height: | Size: 25 KiB |
@ -189,6 +189,9 @@ public function test_admin_cannot_authenticate_via_microsoft_oauth_callback(): v
|
|||||||
$this->assertFalse(auth()->check());
|
$this->assertFalse(auth()->check());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Test local logout redirects to Microsoft global logout endpoint.
|
||||||
|
*/
|
||||||
public function test_user_logout_redirects_to_microsoft_logout_page(): void
|
public function test_user_logout_redirects_to_microsoft_logout_page(): void
|
||||||
{
|
{
|
||||||
$user = User::create([
|
$user = User::create([
|
||||||
@ -197,16 +200,17 @@ public function test_user_logout_redirects_to_microsoft_logout_page(): void
|
|||||||
'role' => 'user',
|
'role' => 'user',
|
||||||
]);
|
]);
|
||||||
|
|
||||||
|
$mockSocialite = \Mockery::mock('Laravel\Socialite\Contracts\Provider');
|
||||||
|
$mockSocialite->shouldReceive('getLogoutUrl')
|
||||||
|
->with(route('login'))
|
||||||
|
->andReturn('https://login.microsoftonline.com/common/oauth2/v2.0/logout?post_logout_redirect_uri=' . urlencode(route('login')));
|
||||||
|
|
||||||
|
\Laravel\Socialite\Facades\Socialite::shouldReceive('driver')->with('microsoft')->andReturn($mockSocialite);
|
||||||
|
|
||||||
$response = $this->actingAs($user)
|
$response = $this->actingAs($user)
|
||||||
->get('/logout'); // supports GET for testing
|
->get('/logout'); // supports GET for testing
|
||||||
|
|
||||||
$tenant = config('services.microsoft.tenant', 'common');
|
$response->assertRedirect('https://login.microsoftonline.com/common/oauth2/v2.0/logout?post_logout_redirect_uri=' . urlencode(route('login')));
|
||||||
$expectedRedirect = "https://login.microsoftonline.com/{$tenant}/oauth2/v2.0/logout?" . http_build_query([
|
|
||||||
'post_logout_redirect_uri' => route('login'),
|
|
||||||
'logout_hint' => 'user@sentientgeeks.com',
|
|
||||||
]);
|
|
||||||
|
|
||||||
$response->assertRedirect($expectedRedirect);
|
|
||||||
$this->assertFalse(auth()->check());
|
$this->assertFalse(auth()->check());
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -260,8 +264,7 @@ public function test_sso_launch_redirects_to_microsoft_for_all_services_if_user_
|
|||||||
$mockSocialite->shouldReceive('redirectUrl')->with(route('sso.callback'))->andReturnSelf();
|
$mockSocialite->shouldReceive('redirectUrl')->with(route('sso.callback'))->andReturnSelf();
|
||||||
$mockSocialite->shouldReceive('with')->with([
|
$mockSocialite->shouldReceive('with')->with([
|
||||||
'login_hint' => $user->email,
|
'login_hint' => $user->email,
|
||||||
'domain_hint' => 'organizations',
|
'domain_hint' => 'organizations'
|
||||||
'prompt' => 'none'
|
|
||||||
])->andReturnSelf();
|
])->andReturnSelf();
|
||||||
$mockSocialite->shouldReceive('redirect')
|
$mockSocialite->shouldReceive('redirect')
|
||||||
->andReturn(redirect('https://login.microsoftonline.com/common/oauth2/v2.0/authorize'));
|
->andReturn(redirect('https://login.microsoftonline.com/common/oauth2/v2.0/authorize'));
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user