Merge pull request #8 from Authress/add-support-for-logout

Support logout method. fix #7
Authress · Dec 24, 2023 · 56adc33 · 56adc33
2 parents cfa1d7b + 7b5f7af
commit 56adc33
Show file tree

Hide file tree

Showing 3 changed files with 30 additions and 2 deletions.
diff --git a/examples/server/server.rs b/examples/server/server.rs
@@ -444,7 +444,7 @@ impl<C> Api<C> for Server<C> where C: Has<XSpanIdString> + Send + Sync
     async fn request_token(&self, host: &str, context: &C) -> Result<RequestTokenResponse, ApiError> {
         let signature_key_db = self.databases.signature_key.lock().unwrap();
         let result = self.authentication_controller.get_token(host, signature_key_db.to_owned());
-        info!("authenticate({host})- X-Span-ID: {:?}", context.get().0.clone());
+        info!("request_token({host})- X-Span-ID: {:?}", context.get().0.clone());
         return Ok(RequestTokenResponse::Success(serde_json::to_string(&result).unwrap()));
     }
 

diff --git a/src/lib.rs b/src/lib.rs
@@ -5,7 +5,7 @@
 #![allow(clippy::derive_partial_eq_without_eq, clippy::disallowed_names)]
 
 use async_trait::async_trait;
-use authentication::{LoginResponse, RequestTokenResponse, OpenIdConfigurationResponse, JwksResponse, AuthenticationResponse, AuthenticationRequest};
+use authentication::*;
 use authress::models::*;
 use futures::Stream;
 use log::*;

diff --git a/src/server/mod.rs b/src/server/mod.rs
@@ -3393,6 +3393,34 @@ impl<T, C> hyper::service::Service<(Request<Body>, C)> for Service<T, C> where
                 Ok(response)
             },
 
+            // Logout GET /
+            hyper::Method::GET if regex::Regex::new(r"^/logout$")?.is_match(uri.path()) => {
+                let query_params = form_urlencoded::parse(uri.query().unwrap_or_default().as_bytes()).collect::<Vec<_>>();
+                let redirect_uri = query_params.iter().filter(|e| e.0 == "redirect_uri").map(|e| e.1.clone())
+                    .next();
+                let redirect_uri = match redirect_uri {
+                    Some(redirect_uri) => {
+                        let redirect_uri =
+                            <String as std::str::FromStr>::from_str
+                                (&redirect_uri);
+                        match redirect_uri {
+                            Ok(redirect_uri) => Some(redirect_uri),
+                            Err(e) => return Ok(Response::builder()
+                                .status(StatusCode::BAD_REQUEST)
+                                .body(Body::from(format!("Couldn't parse query parameter redirect_uri - doesn't match schema: {}", e)))
+                                .expect("Unable to create Bad Request response for invalid query parameter redirect_uri")),
+                        }
+                    },
+                    None => None,
+                };
+
+                return Ok(Response::builder()
+                    .status(StatusCode::TEMPORARY_REDIRECT)
+                    .header("location", redirect_uri.unwrap())
+                    .body(Body::from(""))
+                    .expect("Unable to create redirect for logout."));
+            },
+
             // Authenticate - POST /api/authentication
             hyper::Method::POST if regex::Regex::new(r"^/api/authentication$")?.is_match(uri.path()) => {
                 // Body parameters (note that non-required body parameters will ignore garbage