Compare commits
No commits in common. "809579aa64deea840c9cab9c6f5b54c4892b91c0" and "a27c06c5f6943805cd5e5bf2a4ba015283c8e1b5" have entirely different histories.
809579aa64
...
a27c06c5f6
@ -148,10 +148,11 @@ public function handleMicrosoftCallback(Request $request)
|
||||
return $this->redirectUserBasedOnRole($user);
|
||||
}
|
||||
|
||||
/**
|
||||
* Log the user out of the application.
|
||||
*/
|
||||
public function logout(Request $request)
|
||||
{
|
||||
$user = Auth::user();
|
||||
|
||||
Auth::logout();
|
||||
|
||||
$request->session()->invalidate();
|
||||
@ -159,19 +160,7 @@ public function logout(Request $request)
|
||||
|
||||
// Redirect to Microsoft's logout URL to log the user out of Microsoft as well
|
||||
try {
|
||||
$tenant = config('services.microsoft.tenant', 'common');
|
||||
$logoutUrl = "https://login.microsoftonline.com/{$tenant}/oauth2/v2.0/logout";
|
||||
|
||||
$params = [
|
||||
'post_logout_redirect_uri' => route('login'),
|
||||
];
|
||||
|
||||
if ($user && $user->email) {
|
||||
// Pass logout_hint to bypass Microsoft's "Pick an account" selection screen
|
||||
$params['logout_hint'] = $user->email;
|
||||
}
|
||||
|
||||
$microsoftLogoutUrl = $logoutUrl . '?' . http_build_query($params);
|
||||
$microsoftLogoutUrl = Socialite::driver('microsoft')->getLogoutUrl(route('login'));
|
||||
return redirect($microsoftLogoutUrl);
|
||||
} catch (\Exception $e) {
|
||||
return redirect()->route('login')->with('success', 'Logged out successfully.');
|
||||
|
||||
Binary file not shown.
|
Before Width: | Height: | Size: 25 KiB |
@ -189,6 +189,9 @@ public function test_admin_cannot_authenticate_via_microsoft_oauth_callback(): v
|
||||
$this->assertFalse(auth()->check());
|
||||
}
|
||||
|
||||
/**
|
||||
* Test local logout redirects to Microsoft global logout endpoint.
|
||||
*/
|
||||
public function test_user_logout_redirects_to_microsoft_logout_page(): void
|
||||
{
|
||||
$user = User::create([
|
||||
@ -197,16 +200,17 @@ public function test_user_logout_redirects_to_microsoft_logout_page(): void
|
||||
'role' => 'user',
|
||||
]);
|
||||
|
||||
$mockSocialite = \Mockery::mock('Laravel\Socialite\Contracts\Provider');
|
||||
$mockSocialite->shouldReceive('getLogoutUrl')
|
||||
->with(route('login'))
|
||||
->andReturn('https://login.microsoftonline.com/common/oauth2/v2.0/logout?post_logout_redirect_uri=' . urlencode(route('login')));
|
||||
|
||||
\Laravel\Socialite\Facades\Socialite::shouldReceive('driver')->with('microsoft')->andReturn($mockSocialite);
|
||||
|
||||
$response = $this->actingAs($user)
|
||||
->get('/logout'); // supports GET for testing
|
||||
|
||||
$tenant = config('services.microsoft.tenant', 'common');
|
||||
$expectedRedirect = "https://login.microsoftonline.com/{$tenant}/oauth2/v2.0/logout?" . http_build_query([
|
||||
'post_logout_redirect_uri' => route('login'),
|
||||
'logout_hint' => 'user@sentientgeeks.com',
|
||||
]);
|
||||
|
||||
$response->assertRedirect($expectedRedirect);
|
||||
$response->assertRedirect('https://login.microsoftonline.com/common/oauth2/v2.0/logout?post_logout_redirect_uri=' . urlencode(route('login')));
|
||||
$this->assertFalse(auth()->check());
|
||||
}
|
||||
|
||||
@ -260,8 +264,7 @@ public function test_sso_launch_redirects_to_microsoft_for_all_services_if_user_
|
||||
$mockSocialite->shouldReceive('redirectUrl')->with(route('sso.callback'))->andReturnSelf();
|
||||
$mockSocialite->shouldReceive('with')->with([
|
||||
'login_hint' => $user->email,
|
||||
'domain_hint' => 'organizations',
|
||||
'prompt' => 'none'
|
||||
'domain_hint' => 'organizations'
|
||||
])->andReturnSelf();
|
||||
$mockSocialite->shouldReceive('redirect')
|
||||
->andReturn(redirect('https://login.microsoftonline.com/common/oauth2/v2.0/authorize'));
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user