From 8b3c15267ec7b6d25301b1e63efc1b4761dd465a Mon Sep 17 00:00:00 2001 From: Scott Adams <74183390+sra405@users.noreply.github.com> Date: Tue, 24 Oct 2023 09:58:55 +0100 Subject: [PATCH 1/2] Oidc-redux Signout Flow (#715) Related to #714 Hits signoutRedirect with a `id_token` during logout to invalidate hydra session ### Note This requires `post_logout_redirect_uris` to be registered with hydra client before merge (currently manual but I have an influx branch to bring this into terraform) --- CHANGELOG.md | 1 + src/components/Login/LoginMenu.jsx | 5 ++++- src/components/Login/LogoutButton.jsx | 15 ++++++++++----- src/components/Login/LogoutButton.test.js | 19 ++++++++++--------- src/utils/userManager.js | 1 + 5 files changed, 26 insertions(+), 15 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e5f4662aa..1f143a644 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -23,6 +23,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), ### Fixed - Clipped icon in "Save your work" toast (#707) +- Hydra logout flow to delete session (#714) ## [0.19.2] - 2023-10-12 diff --git a/src/components/Login/LoginMenu.jsx b/src/components/Login/LoginMenu.jsx index 99f9cb014..4742593bf 100644 --- a/src/components/Login/LoginMenu.jsx +++ b/src/components/Login/LoginMenu.jsx @@ -27,7 +27,10 @@ const LoginMenu = () => { > {t("globalNav.accountMenu.projects")} - + ) : ( { - const { className } = props; +const LogoutButton = ({ className, user }) => { const { t } = useTranslation(); - const navigate = useNavigate(); const onLogoutButtonClick = async (event) => { event.preventDefault(); + userManager.signoutRedirect({ id_token_hint: user?.id_token }); await userManager.removeUser(); localStorage.clear(); - navigate("/"); }; return ( 
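Review bot: In `onLogoutButtonClick`, `userManager.signoutRedirect({ id_token_hint: user?.id_token })` is neither awaited nor given a rejection handler, so a failed sign-out is dropped silently while `removeUser()` and `localStorage.clear()` still run. The UI then looks logged out while the provider session this commit is meant to invalidate may still be live. Because `navigate("/")` was removed, the user also stays on the current page in that case. The `user?.id_token` guard also disagrees with the new `propTypes`, which mark `user` and `id_token` as required; if the hint can really be absent, the provider may ignore `post_logout_redirect_uri`, so pick one contract. The sketch below clears local state first and then awaits the redirect; this assumes the user manager does not need the stored user once the hint is passed explicitly, which should be confirmed.

```javascript
  const onLogoutButtonClick = async (event) => {
    event.preventDefault();
    // Capture the hint before local state is removed.
    const idToken = user?.id_token;
    await userManager.removeUser();
    localStorage.clear();
    try {
      await userManager.signoutRedirect({ id_token_hint: idToken });
    } catch (error) {
      // The provider session may still be active; report it rather than dropping the rejection.
      console.error("OIDC sign-out redirect failed", error);
    }
  };
```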
@@ -25,4 +23,11 @@ const LogoutButton = (props) => { ); }; +LogoutButton.propTypes = { + className: PropTypes.string, + user: PropTypes.shape({ + id_token: PropTypes.string.isRequired, + }).isRequired, +}; + export default LogoutButton; diff --git a/src/components/Login/LogoutButton.test.js b/src/components/Login/LogoutButton.test.js index 33a19bbff..a7f72681b 100644 --- a/src/components/Login/LogoutButton.test.js +++ b/src/components/Login/LogoutButton.test.js @@ -7,27 +7,25 @@ import userManager from "../../utils/userManager"; import LogoutButton from "./LogoutButton"; jest.mock("../../utils/userManager", () => ({ + signoutRedirect: jest.fn(), removeUser: jest.fn(), })); let logoutButton; +const user = { + id_token: "1234", +}; + beforeEach(() => { const middlewares = []; const mockStore = configureStore(middlewares); - const initialState = { - editor: { - project: {}, - }, - auth: { - user: {}, - }, - }; + const initialState = {}; const store = mockStore(initialState); render( - + , ); @@ -40,5 +38,8 @@ test("Log out button shown", () => { test("Clicking log out button signs the user out", () => { fireEvent.click(logoutButton); + expect(userManager.signoutRedirect).toBeCalledWith({ + id_token_hint: user.id_token, + }); expect(userManager.removeUser).toHaveBeenCalled(); }); diff --git a/src/utils/userManager.js b/src/utils/userManager.js index 5796c1617..a47ad42fe 100644 --- a/src/utils/userManager.js +++ b/src/utils/userManager.js @@ -8,6 +8,7 @@ const host = `${window.location.protocol}//${window.location.hostname}${ const userManagerConfig = { client_id: process.env.REACT_APP_AUTHENTICATION_CLIENT_ID, redirect_uri: `${host}/auth/callback`, + post_logout_redirect_uri: host, response_type: "code", scope: "openid email profile force-consent allow-u13-login", authority: process.env.REACT_APP_AUTHENTICATION_URL, From 42e70c27538023f45dee7275732ea16934011f4c Mon Sep 17 00:00:00 2001 
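Review bot: The updated "Clicking log out button signs the user out" test never exercises a failed sign-out, because the mock `signoutRedirect: jest.fn()` returns `undefined` rather than a promise. It also does not assert that local state is cleared, although the handler calls `localStorage.clear()`. Consider `signoutRedirect: jest.fn().mockResolvedValue()` for the happy path and a second case with `userManager.signoutRedirect.mockRejectedValueOnce(new Error("signout failed"))` that still expects `removeUser` to have been called. A `localStorage.setItem(...)` before the click, with an expectation that the key is gone afterwards, would pin the cleanup.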
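Review bot: `post_logout_redirect_uri: host` is built from `window.location`, so every origin the app is served from produces a different value, and the provider should only redirect to values registered in the client's `post_logout_redirect_uris`. The commit description says that registration is currently manual, so an unregistered origin would presumably fail at logout rather than at deploy time. A comment beside the setting would keep the dependency visible, e.g. `// Must exactly match an entry in the Hydra client's post_logout_redirect_uris`. Also confirm whether the registered value carries a trailing slash, since `host` as built here appears not to. The `userManagerConfig` object and the `host` expression both continue outside the hunk.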
From: Scott Adams <74183390+sra405@users.noreply.github.com> Date: Wed, 25 Oct 2023 09:04:45 +0100 Subject: [PATCH 2/2] Release v0.19.3 (#719) CHANGELOG and package.json changes for release --- CHANGELOG.md | 5 ++++- package.json | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1f143a644..86c178b93 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), ## Unreleased +## [0.19.3] - 2023-10-25 + ### Added - `stepChanged` custom event for the web component (#709) @@ -548,7 +550,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - Events in Web Component indicating whether Mission Zero criteria have been met (#113) -[unreleased]: https://github.com/RaspberryPiFoundation/editor-ui/compare/v0.19.2...HEAD +[unreleased]: https://github.com/RaspberryPiFoundation/editor-ui/compare/v0.19.3...HEAD +[0.19.3]: https://github.com/RaspberryPiFoundation/editor-ui/releases/tag/v0.19.3 [0.19.2]: https://github.com/RaspberryPiFoundation/editor-ui/releases/tag/v0.19.2 [0.19.1]: https://github.com/RaspberryPiFoundation/editor-ui/releases/tag/v0.19.1 [0.19.0]: https://github.com/RaspberryPiFoundation/editor-ui/releases/tag/v0.19.0 diff --git a/package.json b/package.json index 13f468c59..ce207be48 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@raspberrypifoundation/editor-ui", - "version": "0.19.2", + "version": "0.19.3", "private": true, "dependencies": { "@RaspberryPiFoundation/design-system-react": "^0.1.2",