From 1daf23ed85cfd2b7cd2942563e26e92f055f3fbf Mon Sep 17 00:00:00 2001
From: Benoit Serrano <benoit.serrano10@gmail.com>
Date: Tue, 28 May 2024 16:58:37 +0200
Subject: [PATCH] add logout route implementation

---
 controllers/userController.js | 12 ++++++++++--
 lib/oidcAuth.js               |  8 +++++++-
 2 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/controllers/userController.js b/controllers/userController.js
index 2a91f6bc..2fe4c9fc 100644
--- a/controllers/userController.js
+++ b/controllers/userController.js
@@ -1,4 +1,5 @@
 const oidcAuth = require("../lib/oidcAuth")
+const urls = require("../urls")
 
 module.exports.startAuth = async (req, res) => {
   const userTimezoneOffset = req.body.userTimezoneOffset
@@ -20,6 +21,13 @@ module.exports.startAuth = async (req, res) => {
 }
 
 module.exports.logout = async(req, res) => {
-  console.log(req.session)
-  return res.redirect(`/`)
+  const user = req.session.user
+  if(!user){
+    return res.redirect(urls.landing)
+  }
+  const {id_token_hint, state} = user
+  req.session.destroy()
+
+  const logoutUrl = oidcAuth.getLogoutUrl({id_token_hint, state})
+  return res.redirect(logoutUrl)
 }
diff --git a/lib/oidcAuth.js b/lib/oidcAuth.js
index 62471e55..54e30213 100644
--- a/lib/oidcAuth.js
+++ b/lib/oidcAuth.js
@@ -119,8 +119,9 @@ module.exports.finishAuth = async (req) => {
     return { error: "L'identification a échoué. Entrez votre adresse mail ci-dessous pour recommencer." }
   }
   const email = userinfo.email
+  const user = {id_token: tokenSet.id_token, state: request.state}
 
-  req.session.id_token_hint = tokenSet.id_token
+  req.session.user = user
   
   return {
     email,
@@ -130,3 +131,8 @@ module.exports.finishAuth = async (req) => {
   }
 }
 
+module.exports.getLogoutUrl = async({state, id_token_hint}) => {
+  const client = await this.getClient()
+
+  return client.endSessionUrl({id_token_hint,post_logout_redirect_uri: urls.landing,state})
+}