16101: Redirect logout to Workbench if return_to param missing.

Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom@tomclegg.ca>

diff --git a/lib/controller/federation/login_test.go b/lib/controller/federation/login_test.go
index 3cc5cb842c4907a1b5ac530113489144d636063c..1d6e12e0159f5c73d45ebfda595a10587580a9b5 100644 (file)
--- a/lib/controller/federation/login_test.go
+++ b/lib/controller/federation/login_test.go
@@ -41,26 +41,30 @@ func (s *LoginSuite) TestDeferToLoginCluster(c *check.C) {
 }
 
 func (s *LoginSuite) TestLogout(c *check.C) {
+       s.cluster.Services.Workbench1.ExternalURL = arvados.URL{Scheme: "https", Host: "workbench1.example.com"}
+       s.cluster.Services.Workbench2.ExternalURL = arvados.URL{Scheme: "https", Host: "workbench2.example.com"}
        s.cluster.Login.GoogleClientID = "zzzzzzzzzzzzzz"
        s.addHTTPRemote(c, "zhome", &arvadostest.APIStub{})
        s.cluster.Login.LoginCluster = "zhome"
 
        returnTo := "https://app.example.com/foo?bar"
        for _, trial := range []struct {
-               token  string
-               target string
+               token    string
+               returnTo string
+               target   string
        }{
-               {token: "", target: returnTo},
-               {token: "zzzzzzzzzzzzzzzzzzzzz", target: returnTo},
-               {token: "v2/zzzzz-aaaaa-aaaaaaaaaaaaaaa/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", target: returnTo},
-               {token: "v2/zhome-aaaaa-aaaaaaaaaaaaaaa/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", target: "http://" + s.cluster.RemoteClusters["zhome"].Host + "/logout?" + url.Values{"return_to": {returnTo}}.Encode()},
+               {token: "", returnTo: "", target: s.cluster.Services.Workbench2.ExternalURL.String()},
+               {token: "", returnTo: returnTo, target: returnTo},
+               {token: "zzzzzzzzzzzzzzzzzzzzz", returnTo: returnTo, target: returnTo},
+               {token: "v2/zzzzz-aaaaa-aaaaaaaaaaaaaaa/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", returnTo: returnTo, target: returnTo},
+               {token: "v2/zhome-aaaaa-aaaaaaaaaaaaaaa/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", returnTo: returnTo, target: "http://" + s.cluster.RemoteClusters["zhome"].Host + "/logout?" + url.Values{"return_to": {returnTo}}.Encode()},
        } {
                c.Logf("trial %#v", trial)
                ctx := context.Background()
                if trial.token != "" {
                        ctx = auth.NewContext(ctx, &auth.Credentials{Tokens: []string{trial.token}})
                }
-               resp, err := s.fed.Logout(ctx, arvados.LogoutOptions{ReturnTo: returnTo})
+               resp, err := s.fed.Logout(ctx, arvados.LogoutOptions{ReturnTo: trial.returnTo})
                c.Assert(err, check.IsNil)
                c.Logf("  RedirectLocation %q", resp.RedirectLocation)
                target, err := url.Parse(resp.RedirectLocation)

diff --git a/lib/controller/localdb/login.go b/lib/controller/localdb/login.go
index e96b940ef7cc990c9dd7c98bf950c76fe690fcb4..2e50b84f435856dc282be51b4fbe8b5db548431b 100644 (file)
--- a/lib/controller/localdb/login.go
+++ b/lib/controller/localdb/login.go
@@ -53,7 +53,15 @@ func (ctrl *googleLoginController) getProvider() (*oidc.Provider, error) {
 }
 
 func (ctrl *googleLoginController) Logout(ctx context.Context, cluster *arvados.Cluster, railsproxy *railsProxy, opts arvados.LogoutOptions) (arvados.LogoutResponse, error) {
-       return arvados.LogoutResponse{RedirectLocation: opts.ReturnTo}, nil
+       target := opts.ReturnTo
+       if target == "" {
+               if cluster.Services.Workbench2.ExternalURL.Host != "" {
+                       target = cluster.Services.Workbench2.ExternalURL.String()
+               } else {
+                       target = cluster.Services.Workbench1.ExternalURL.String()
+               }
+       }
+       return arvados.LogoutResponse{RedirectLocation: target}, nil
 }
 
 func (ctrl *googleLoginController) Login(ctx context.Context, cluster *arvados.Cluster, railsproxy *railsProxy, opts arvados.LoginOptions) (arvados.LoginResponse, error) {