Merge pull request #29 from lifewatch-eric/ecoportal-ontoportal-reset

Fix: SSO logout
lifewatch-eric · Oct 17, 2023 · e0af502 · e0af502
2 parents 1ea50b1 + bceea25
commit e0af502
Showing 1 changed file with 10 additions and 2 deletions.
diff --git a/app/controllers/oauth2_controller.rb b/app/controllers/oauth2_controller.rb
@@ -117,11 +117,10 @@ def logout
         redirect =  request.protocol + request.host_with_port + "/"
       end
       redirect = build_url_with_params(@@configStruct.end_session_endpoint, {client_id: @@configStruct.client_id, id_token_hint: idt, post_logout_redirect_uri: redirect})
-      external_redirect_allowed = true
     end
 
     # Start an RP-initiated logout process
-    redirect_to redirect, allow_external_host: external_redirect_allowed
+    redirect_to redirect, allow_other_host: true
   end
 
   def self.config(&block)
@@ -145,4 +144,13 @@ def build_oauth2_client
       userinfo_endpoint: @@configStruct.userinfo_endpoint
     )
   end
+
+  def build_url_with_params(url, params)
+    # See https://stackoverflow.com/a/26867426
+    uri = URI.parse(url)
+    new_query_ar = URI.decode_www_form(uri.query || '')
+    params.each_key { |k| new_query_ar << [k, params[k]] }
+    uri.query = URI.encode_www_form(new_query_ar)
+    uri.to_s
+  end
 end