Fix for logout issue.

bcgov · Nov 27, 2024 · 09a538b · 09a538b
1 parent f4c7709
commit 09a538b
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 2 deletions.
diff --git a/backend/src/app.js b/backend/src/app.js
@@ -149,7 +149,7 @@ auth.getOidcDiscovery().then(discovery => {
     callbackURL: config.get('server:frontend') + '/api/auth/callback',
     scope: discovery.scopes_supported,
     kc_idp_hint: config.get('server:idirIDPHint')
-  }, (_issuer, profile, _context, _idToken, accessToken, refreshToken, done) => {
+  }, (_issuer, profile, _context, idToken, accessToken, refreshToken, done) => {
     if ((typeof (accessToken) === 'undefined') || (accessToken === null) ||
       (typeof (refreshToken) === 'undefined') || (refreshToken === null)) {
       return done('No access token', null);
@@ -158,6 +158,7 @@ auth.getOidcDiscovery().then(discovery => {
     //set access and refresh tokens
     profile.jwtFrontend = auth.generateUiToken();
     profile.jwt = accessToken;
+    profile.idToken = idToken;
     profile.refreshToken = refreshToken;
     return done(null, profile);
   }));

diff --git a/backend/src/routes/auth.js b/backend/src/routes/auth.js
@@ -45,6 +45,7 @@ router.get('/login', passport.authenticate('oidc', {
 
 //removes tokens and destroys session
 router.get('/logout', async (req, res, next) => {
+  let idToken = req?.session?.passport?.user?.idToken;
   if (req?.session?.passport?.user) {
     req.logout(function(err) {
       if (err) {
@@ -55,7 +56,7 @@ router.get('/logout', async (req, res, next) => {
       if (req.query && req.query.sessionExpired) {
         retUrl = encodeURIComponent(config.get('logoutEndpoint') + '?post_logout_redirect_uri=' + config.get('server:frontend') + '/session-expired' + '&client_id=' + config.get('oidc:clientId'));
       } else {
-        retUrl = encodeURIComponent(config.get('logoutEndpoint') + '?post_logout_redirect_uri=' + config.get('server:frontend') + '/logout' + '&client_id=' + config.get('oidc:clientId'));
+        retUrl = encodeURIComponent(config.get('logoutEndpoint') + '?post_logout_redirect_uri=' + config.get('server:frontend') + '/logout' + '&id_token_hint=' + idToken);
       }
       res.redirect(config.get('siteMinder_logout_endpoint') + retUrl);
     });