From 95113a2034a31d7d6ca3ac913ab24eaf2552e2e4 Mon Sep 17 00:00:00 2001
From: shankar ambady <ambady@mit.edu>
Date: Fri, 28 Jun 2024 14:00:12 -0400
Subject: [PATCH 1/2] adding post logout redirect to keycloak

---
 authentication/views.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/authentication/views.py b/authentication/views.py
index 4fcebc3392..586b19c74a 100644
--- a/authentication/views.py
+++ b/authentication/views.py
@@ -32,7 +32,7 @@ def _keycloak_logout_url(self, user):
             user, provider=OlOpenIdConnectAuth.name
         ).first()
         id_token = user_social_auth_record.extra_data.get("id_token")
-        return f"{settings.KEYCLOAK_BASE_URL}/realms/{settings.KEYCLOAK_REALM_NAME}/protocol/openid-connect/logout?id_token_hint={id_token}"  # noqa: E501
+        return f"{settings.KEYCLOAK_BASE_URL}/realms/{settings.KEYCLOAK_REALM_NAME}/protocol/openid-connect/logout?id_token_hint={id_token}&post_logout_redirect_uri={settings.LOGOUT_REDIRECT_URL}"  # noqa: E501
 
     def get(
         self,

From 60f3e1e0b90613a6a29e7007cc1b9dfdd42eeb70 Mon Sep 17 00:00:00 2001
From: shankar ambady <ambady@mit.edu>
Date: Fri, 28 Jun 2024 16:35:38 -0400
Subject: [PATCH 2/2] urlencoding query string

---
 authentication/views.py | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/authentication/views.py b/authentication/views.py
index 586b19c74a..7e8114494f 100644
--- a/authentication/views.py
+++ b/authentication/views.py
@@ -1,5 +1,7 @@
 """Authentication views"""
 
+from urllib.parse import urlencode
+
 from django.conf import settings
 from django.contrib.auth import views
 from django.http import Http404
@@ -32,7 +34,13 @@ def _keycloak_logout_url(self, user):
             user, provider=OlOpenIdConnectAuth.name
         ).first()
         id_token = user_social_auth_record.extra_data.get("id_token")
-        return f"{settings.KEYCLOAK_BASE_URL}/realms/{settings.KEYCLOAK_REALM_NAME}/protocol/openid-connect/logout?id_token_hint={id_token}&post_logout_redirect_uri={settings.LOGOUT_REDIRECT_URL}"  # noqa: E501
+        qs = urlencode(
+            {
+                "id_token_hint": id_token,
+                "post_logout_redirect_uri": settings.LOGOUT_REDIRECT_URL,
+            }
+        )
+        return f"{settings.KEYCLOAK_BASE_URL}/realms/{settings.KEYCLOAK_REALM_NAME}/protocol/openid-connect/logout?{qs}"  # noqa: E501
 
     def get(
         self,