Merge branch '15954-boot-test-cluster'

[arvados.git] / lib / controller / localdb / login.go

diff --git a/lib/controller/localdb/login.go b/lib/controller/localdb/login.go
index 6d60adf146cac7779e2e9dd6ebfd2d8c17acc492..2e50b84f435856dc282be51b4fbe8b5db548431b 100644 (file)
--- a/lib/controller/localdb/login.go
+++ b/lib/controller/localdb/login.go
@@ -18,10 +18,10 @@ import (
        "text/template"
        "time"
 
-       "git.curoverse.com/arvados.git/lib/controller/rpc"
-       "git.curoverse.com/arvados.git/sdk/go/arvados"
-       "git.curoverse.com/arvados.git/sdk/go/auth"
-       "git.curoverse.com/arvados.git/sdk/go/ctxlog"
+       "git.arvados.org/arvados.git/lib/controller/rpc"
+       "git.arvados.org/arvados.git/sdk/go/arvados"
+       "git.arvados.org/arvados.git/sdk/go/auth"
+       "git.arvados.org/arvados.git/sdk/go/ctxlog"
        "github.com/coreos/go-oidc"
        "golang.org/x/oauth2"
        "google.golang.org/api/option"
@@ -52,6 +52,18 @@ func (ctrl *googleLoginController) getProvider() (*oidc.Provider, error) {
        return ctrl.provider, nil
 }
 
+func (ctrl *googleLoginController) Logout(ctx context.Context, cluster *arvados.Cluster, railsproxy *railsProxy, opts arvados.LogoutOptions) (arvados.LogoutResponse, error) {
+       target := opts.ReturnTo
+       if target == "" {
+               if cluster.Services.Workbench2.ExternalURL.Host != "" {
+                       target = cluster.Services.Workbench2.ExternalURL.String()
+               } else {
+                       target = cluster.Services.Workbench1.ExternalURL.String()
+               }
+       }
+       return arvados.LogoutResponse{RedirectLocation: target}, nil
+}
+
 func (ctrl *googleLoginController) Login(ctx context.Context, cluster *arvados.Cluster, railsproxy *railsProxy, opts arvados.LoginOptions) (arvados.LoginResponse, error) {
        provider, err := ctrl.getProvider()
        if err != nil {
@@ -128,7 +140,7 @@ func (ctrl *googleLoginController) Login(ctx context.Context, cluster *arvados.C
 // Google API does not indicate one.
 func (ctrl *googleLoginController) getAuthInfo(ctx context.Context, cluster *arvados.Cluster, conf *oauth2.Config, token *oauth2.Token, idToken *oidc.IDToken) (*rpc.UserSessionAuthInfo, error) {
        var ret rpc.UserSessionAuthInfo
-       defer ctxlog.FromContext(ctx).Infof("ret: %#v", &ret) // debug
+       defer ctxlog.FromContext(ctx).WithField("ret", &ret).Debug("getAuthInfo returned")
 
        var claims struct {
                Name     string `json:"name"`
@@ -176,8 +188,6 @@ func (ctrl *googleLoginController) getAuthInfo(ctx context.Context, cluster *arv
                }
        }
 
-       ctxlog.FromContext(ctx).Infof("people/me response: %#v", person) // debug
-
        // The given/family names returned by the People API and
        // flagged as "primary" (if any) take precedence over the
        // split-by-whitespace result from above.
@@ -195,7 +205,7 @@ func (ctrl *googleLoginController) getAuthInfo(ctx context.Context, cluster *arv
        }
        for _, ea := range person.EmailAddresses {
                if ea.Metadata == nil || !ea.Metadata.Verified {
-                       ctxlog.FromContext(ctx).WithField("address", ea.Value).Debug("skipping unverified email address")
+                       ctxlog.FromContext(ctx).WithField("address", ea.Value).Info("skipping unverified email address")
                        continue
                }
                altEmails[ea.Value] = true
@@ -209,6 +219,9 @@ func (ctrl *googleLoginController) getAuthInfo(ctx context.Context, cluster *arv
        for ae := range altEmails {
                if ae != ret.Email {
                        ret.AlternateEmails = append(ret.AlternateEmails, ae)
+                       if i := strings.Index(ae, "@"); i > 0 && strings.ToLower(ae[i+1:]) == strings.ToLower(cluster.Users.PreferDomainForUsername) {
+                               ret.Username = strings.SplitN(ae[:i], "+", 2)[0]
+                       }
                }
        }
        return &ret, nil