X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/0e2a467a923bd490f3e1dc4d8c00a9e2f29e59d4..09cbdc3074b3f1e69c9c537875146f6da0a6ed8f:/lib/controller/federation/login_test.go

diff --git a/lib/controller/federation/login_test.go b/lib/controller/federation/login_test.go
index e294df7d89..e1114bf7eb 100644
--- a/lib/controller/federation/login_test.go
+++ b/lib/controller/federation/login_test.go
@@ -8,12 +8,19 @@ import (
 	"context"
 	"net/url"
 
-	"git.curoverse.com/arvados.git/sdk/go/arvados"
-	"git.curoverse.com/arvados.git/sdk/go/arvadostest"
+	"git.arvados.org/arvados.git/sdk/go/arvados"
+	"git.arvados.org/arvados.git/sdk/go/arvadostest"
+	"git.arvados.org/arvados.git/sdk/go/auth"
 	check "gopkg.in/check.v1"
 )
 
-func (s *FederationSuite) TestDeferToLoginCluster(c *check.C) {
+var _ = check.Suite(&LoginSuite{})
+
+type LoginSuite struct {
+	FederationSuite
+}
+
+func (s *LoginSuite) TestDeferToLoginCluster(c *check.C) {
 	s.addHTTPRemote(c, "zhome", &arvadostest.APIStub{})
 	s.cluster.Login.LoginCluster = "zhome"
 
@@ -32,3 +39,40 @@ func (s *FederationSuite) TestDeferToLoginCluster(c *check.C) {
 		c.Check(remotePresent, check.Equals, remote != "")
 	}
 }
+
+func (s *LoginSuite) TestLogout(c *check.C) {
+	otherOrigin := arvados.URL{Scheme: "https", Host: "app.example.com", Path: "/"}
+	otherURL := "https://app.example.com/foo"
+	s.cluster.Services.Workbench1.ExternalURL = arvados.URL{Scheme: "https", Host: "workbench1.example.com"}
+	s.cluster.Services.Workbench2.ExternalURL = arvados.URL{Scheme: "https", Host: "workbench2.example.com"}
+	s.cluster.Login.TrustedClients = map[arvados.URL]struct{}{otherOrigin: {}}
+	s.addHTTPRemote(c, "zhome", &arvadostest.APIStub{})
+	s.cluster.Login.LoginCluster = "zhome"
+	// s.fed is already set by SetUpTest, but we need to
+	// reinitialize with the above config changes.
+	s.fed = New(s.cluster, nil)
+
+	for _, trial := range []struct {
+		token    string
+		returnTo string
+		target   string
+	}{
+		{token: "", returnTo: "", target: s.cluster.Services.Workbench2.ExternalURL.String()},
+		{token: "", returnTo: otherURL, target: otherURL},
+		{token: "zzzzzzzzzzzzzzzzzzzzz", returnTo: otherURL, target: otherURL},
+		{token: "v2/zzzzz-aaaaa-aaaaaaaaaaaaaaa/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", returnTo: otherURL, target: otherURL},
+		{token: "v2/zhome-aaaaa-aaaaaaaaaaaaaaa/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", returnTo: otherURL, target: "http://" + s.cluster.RemoteClusters["zhome"].Host + "/logout?" + url.Values{"return_to": {otherURL}}.Encode()},
+	} {
+		c.Logf("trial %#v", trial)
+		ctx := s.ctx
+		if trial.token != "" {
+			ctx = auth.NewContext(ctx, &auth.Credentials{Tokens: []string{trial.token}})
+		}
+		resp, err := s.fed.Logout(ctx, arvados.LogoutOptions{ReturnTo: trial.returnTo})
+		c.Assert(err, check.IsNil)
+		c.Logf("  RedirectLocation %q", resp.RedirectLocation)
+		target, err := url.Parse(resp.RedirectLocation)
+		c.Check(err, check.IsNil)
+		c.Check(target.String(), check.Equals, trial.target)
+	}
+}