From ac9e8cf63565c85ff428e8bff819d3331c1fc29f Mon Sep 17 00:00:00 2001
From: quochuydev
Date: Thu, 15 Aug 2024 09:03:18 +0700
Subject: [PATCH] =?UTF-8?q?=F0=9F=AA=B2?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app1/ui/Home.tsx | 10 +--
 auth/app/api/auth/signout/route.ts | 102 +++++++++++++++--------------
 auth/configuration.ts | 1 +
 auth/prisma/dev.db | Bin 36864 -> 36864 bytes
 4 files changed, 57 insertions(+), 56 deletions(-)

diff --git a/app1/ui/Home.tsx b/app1/ui/Home.tsx
index f1372f9..f016bd2 100644
--- a/app1/ui/Home.tsx
+++ b/app1/ui/Home.tsx
@@ -28,14 +28,8 @@ export default function Home() {
 onSelectAccount={(session) => console.log(session)}
 session={sessions[0]}
 sessions={sessions}
- signOut={async (sessionId) => {
- await fetch("https://auth.example.local/api/v1/signout", {
- method: "post",
- credentials: "include",
- body: JSON.stringify({ sessionId }),
- }).then((response) => response.json());
-
- reloadSessions();
+ signOut={() => {
+ window.location.href = `https://auth.example.local/auth/signout?id_token_hint=${sessions[0].idToken}&return_url=https://app.example.local/app1/hello`;
 }}
 />
 
diff --git a/auth/app/api/auth/signout/route.ts b/auth/app/api/auth/signout/route.ts
index cf790e9..04467ee 100644
--- a/auth/app/api/auth/signout/route.ts
+++ b/auth/app/api/auth/signout/route.ts
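Review bot: The new `signOut` handler in app1/ui/Home.tsx interpolates `sessions[0].idToken` and the return URL into the query string unencoded, and it dereferences `sessions[0]` without checking that a session exists. An ID token carried in a navigation URL is kept in browser history and usually in access logs on the way, so it is worth confirming that `/auth/signout` needs the raw token rather than the session id the old callback received. If the token has to stay, guard with `if (!sessions[0]) return;` and build the query with `new URLSearchParams({ id_token_hint: sessions[0].idToken, return_url: "https://app.example.local/app1/hello" })`. The callback no longer takes the session argument, so it always signs out the first session whichever account was chosen. `Home` starts and ends outside the hunk.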
@@ -5,60 +5,66 @@ import { prisma } from "@/lib/prisma";
 import { NextRequest, NextResponse } from "next/server";
 
 export async function POST(request: NextRequest) {
- const body = (await request.json()) as {
- returnUrl?: string;
- idTokenHint?: string;
- clientId?: string;
- postLogoutRedirectUri?: string;
- state?: string;
- };
- const { returnUrl, idTokenHint, clientId, postLogoutRedirectUri, state } =
- body;
+ try {
+ const body = (await request.json()) as {
+ returnUrl?: string;
+ idTokenHint?: string;
+ clientId?: string;
+ postLogoutRedirectUri?: string;
+ state?: string;
+ };
+ const { returnUrl, idTokenHint, state } = body;
 
- const wellKnownResponse = await fetch(
- `${configuration.portal.issuer}/.well-known/openid-configuration`
- );
+ const wellKnownResponse = await fetch(
+ `${configuration.portal.issuer}/.well-known/openid-configuration`
+ );
 
- const wellKnown = (await wellKnownResponse.json()) as {
- issuer: string;
- authorization_endpoint: string;
- token_endpoint: string;
- userinfo_endpoint: string;
- end_session_endpoint: string;
- };
+ const wellKnown = (await wellKnownResponse.json()) as {
+ issuer: string;
+ authorization_endpoint: string;
+ token_endpoint: string;
+ userinfo_endpoint: string;
+ end_session_endpoint: string;
+ };
 
- if (wellKnownResponse.status !== 200) {
- throw { code: wellKnownResponse.status, details: wellKnown };
- }
+ if (wellKnownResponse.status !== 200) {
+ throw { code: wellKnownResponse.status, details: wellKnown };
+ }
 
- const params: {
- id_token_hint?: string;
- client_id?: string;
- post_logout_redirect_uri?: string;
- state?: string;
- } = {
- id_token_hint: idTokenHint,
- client_id: clientId,
- post_logout_redirect_uri: postLogoutRedirectUri,
- state: state,
- };
+ const params: {
+ client_id?: string;
+ post_logout_redirect_uri?: string;
+ id_token_hint?: string;
+ state?: string;
+ } = {
+ client_id: configuration.portal.clientId,
+ post_logout_redirect_uri: configuration.portal.postLogoutRedirectUri,
+ };
 
- if (idTokenHint) {
- await prisma.session.updateMany({
- where: {
- idToken: idTokenHint,
- },
- data: {
- deletedAt: new Date(),
- },
- });
- }
+ if (idTokenHint) params.id_token_hint = idTokenHint;
+ if (state) params.state = state;
 
- const endSessionUrl = `${
- wellKnown.end_session_endpoint
- }?${new URLSearchParams(params).toString()}`;
+ if (idTokenHint) {
+ await prisma.session.updateMany({
+ where: {
+ idToken: idTokenHint,
+ },
+ data: {
+ deletedAt: new Date(),
+ },
+ });
+ }
 
- if (returnUrl) setShortLiveCookie(returnUrlCookieName, returnUrl);
+ const endSessionUrl = `${
+ wellKnown.end_session_endpoint
+ }?${new URLSearchParams(params).toString()}`;
 
- return NextResponse.json({ endSessionUrl });
+ if (returnUrl) setShortLiveCookie(returnUrlCookieName, returnUrl);
+
+ return NextResponse.json({ endSessionUrl });
+ } catch (error: any) {
+ return NextResponse.json(error.details || { message: error.message }, {
+ status: error.code,
+ });
+ }
 }
diff --git a/auth/configuration.ts b/auth/configuration.ts
index 0ca38dd..4b06a49 100644
--- a/auth/configuration.ts
+++ b/auth/configuration.ts
@@ -41,6 +41,7 @@ const configuration = {
 issuer: "https://system-v1-fpms4l.zitadel.cloud",
 clientId: "279716137237868517",
 redirectUrl: "https://auth.example.local/api/auth/callback",
+ postLogoutRedirectUri: "https://auth.example.local/auth/signedout",
 },
 };
 
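Review bot: In auth/app/api/auth/signout/route.ts the new `catch` passes `error.code` straight through as the HTTP status, but only the well-known check throws an object with a numeric `code`. A malformed JSON body, a failed `fetch` or a Prisma error lands in the same handler with `code` undefined (the response then falls back to the default 200 with an error body) or with a non-HTTP value, which can make the `Response` constructor throw from inside the catch. Normalise it, e.g. `const status = Number.isInteger(error?.code) && error.code >= 400 && error.code <= 599 ? error.code : 500;`, and return a fixed message for unexpected errors rather than `error.message`, which can expose internal details to the caller. Separately, `returnUrl` is still written to the cookie unchecked; if the code that reads `returnUrlCookieName` redirects to it, it should be matched against an allowlist first.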
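Review bot: `postLogoutRedirectUri` in auth/configuration.ts is added without a comment, and the value is only honoured if it exactly matches a post-logout redirect URI registered for this client at the issuer. I would document that next to the field, e.g. `// Must exactly match a post-logout redirect URI registered for clientId at the issuer.` The issuer, client id and URLs are hard-coded in this object, so presumably every environment shares them; if not, reading them from environment variables would avoid editing source per deployment. The `configuration` object starts outside the hunk.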
diff --git a/auth/prisma/dev.db b/auth/prisma/dev.db index 49a4c7da848b60fd6135a53df49a8750a3c6db11..8e5dbfa95cf3fd00a181c49fe7e4bcca02fe10ab 100644 GIT binary patch delta 876 zcmaizy^q^u0Ed&1Yde5a5JM}9giwW8EG2PX$4077i9h4me(l(f?Nq1WkHqnJ9N*a& zGu+)$RaaC|MPly2!hlM3{{VuOfsuj#1SEPh3)^pa^i0q1@^$O-b?duNnw?jV$Y$s5 z*FPM;-|n0=I)8TFbWS?YZa%y(b`Ec{qsJI#5Be^S4A;aO8F(uUAqdAq27^J*b$Vds zqTTk*Ggx--tG|9@eb8t$TFuMGyZlZWlAlkfNX(UJZC#>3yw zrx)aIFVqWxi}C2R;*^TU*pev3k-_OQ}EW)Ki0@A!OWp?b)P6`f5Lo2GI^^@ng6 zr9^;Oz)ScUnD&(35aCo*+L5&p$UGsKN?A>bj(eJH)86Tia+;d26x`t0T zP@)k4pdZB+YqUF zZptk1G0s~PIjXuib2ekf42vH=yZ-!R1&Fl*pcbK!8UZP!Q7JgcUtyo}9xe90bfZ8s z&gbzqhV!xIBr{B7dGzq(b#<=~De+vQ{KJ`qu4wTIi#=YWYXM7j=Xq~bvBjLVgg>b&F-uH2up+SV=1!qjAfan-bpH80UbBNvwf zSb9k}n*vMslkFU@YG+rvNVciq&YSdXE;~P;f)ehl+%Xw4Fyhz%YEGtfc+m?rm5ia< zGgAz$3nsf- zF)C0ilV%DF%8I8IODjT>Nc0?jkwnHu8t-v~jALuGEj>!JR+|FXO@0|FEKyow=0`C_ zZz3gjT|@8%%5eylLf1)uPWpQxWfjt3fkJjkd};cuu{SbM0Idf6XoXnYOr6z;-YdFL skONop4}Tng@#wbor_ERDZx4Qc`Q*L-1b(=Nk8l2Y-oAV1mbm@IJAJYs`2YX_ delta 87 zcmV-d0I2_fpaOuP0+1U43y~Z{0SmEUq(2G+4~75_*blD{hO-eMcn`CNPj)a4P^1dR t4FCWD0SLwb2*$C2ya*DGHvu83ch{mU&eL0F#POB(wI21P6NF8qELz