Fixup logout so that it doesn't crash with a 403

ministryofjustice · Jul 14, 2021 · 771ac0c · 771ac0c
1 parent 5a65ab5
commit 771ac0c
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 3 deletions.
diff --git a/app/models/signon_identity.rb b/app/models/signon_identity.rb
@@ -81,7 +81,13 @@ def initialize(user, full_name:, logout_url:, organisations:, roles:)
 
   def logout_url(redirect_to: nil)
     url = URI.parse(@logout_url)
-    url.query = { redirect_to: redirect_to }.to_query if redirect_to
+    if redirect_to
+      url.query = {
+        redirect_uri: redirect_to,
+        client_id: Rails.configuration.nomis_user_oauth_client_id
+      }.to_query
+    end
+
     url.to_s
   end
 

diff --git a/spec/controllers/sessions_controller_spec.rb b/spec/controllers/sessions_controller_spec.rb
@@ -90,7 +90,7 @@
     it 'deletes the current user id from the session and redirects' do
       expect(destroy).
         to redirect_to(<<-URI.strip_heredoc)
-          http://example.com/logout?redirect_to=#{CGI.escape(root_url)}
+          http://example.com/logout?client_id=prison-visits-booking-frontend&redirect_uri=#{CGI.escape(root_url)}
       URI
       expect(session[:sso_data]).to be_nil
     end

diff --git a/spec/models/signon_identity_spec.rb b/spec/models/signon_identity_spec.rb
@@ -174,7 +174,7 @@
       expect(
         subject.logout_url(redirect_to: 'https://pvb/loggedout')
       ).to eq(
-        'https://example.com/logout?redirect_to=https%3A%2F%2Fpvb%2Floggedout'
+        'https://example.com/logout?client_id=prison-visits-booking-frontend&redirect_uri=https%3A%2F%2Fpvb%2Floggedout'
       )
     end
   end