Merge pull request #143 from BuckinghamAJ/dev

Fixing Login.gov Redirect
GSA · Mar 1, 2024 · 263c7f9 · 263c7f9
2 parents 92430ce + fb8a790
commit 263c7f9
Show file tree

Hide file tree

Showing 5 changed files with 27 additions and 8 deletions.
diff --git a/cf/manifest.prod.yml b/cf/manifest.prod.yml
@@ -1,6 +1,6 @@
 ---
 applications:
-- name: srt-server-prod
+- name: srt-api-prod
   memory: 1024M
   disk_quota: 2048M
 #  health-check-type: process # don't re-enable....move to port 8080 if you have problems

diff --git a/cf/manifest.staging.yml b/cf/manifest.staging.yml
@@ -1,6 +1,6 @@
 ---
 applications:
-- name: srt-server-staging
+- name: srt-api-staging
   memory: 1024M
   disk_quota: 2048M
 #  health-check-type: process # don't re-enable....move to port 8080 if you have problems

diff --git a/server/app.js b/server/app.js
@@ -17,6 +17,7 @@ const logger = require('./config/winston')
 const {cleanAwardNotices} = require('./cron/noticeAwardCleanup')
 const {CronJob} = require('cron')
 const pg = require('pg');
+const querystring = require('querystring');
 
 const { Issuer, Strategy, generators } = require('openid-client');
 
@@ -223,6 +224,18 @@ module.exports = {
   app.get("/api/login", (req, res) => {
     res.redirect(login_gov_auth_url);
   });
+  app.get("/api/logout", (req, res) => {
+
+    const logoutEndPoint = config['login_gov_oidc']['logout_endpoint']
+
+    const params = {
+      client_id: config['login_gov_oidc']['client_id'],
+      post_logout_redirect_uri: config['srtClientUrl'] + '/auth',
+    }
+
+    res.redirect(logoutEndPoint + '?' + querystring.stringify(params))
+
+  });
   // Login.gov Failure to Proof URL: 
   // For users who are unable to complete identity proofing and returning to the app
   app.get("odic/failure", (req, res) => {

diff --git a/server/config/config.js b/server/config/config.js
@@ -351,7 +351,9 @@ module.exports = {
       "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
       "token_endpoint": "https://idp.int.identitysandbox.gov/api/openid_connect/token",
       "user_endpoint": "https://idp.int.identitysandbox.gov/api/openid_connect/userinfo",
-      "redirect_uri": "http://localhost:3000/odic/callback"
+      "redirect_uri": "http://localhost:3000/odic/callback",
+      "logout_endpoint": "https://idp.int.identitysandbox.gov/openid_connect/logout",
+
     },
     "maxCas" : {
       "cas_url" : "https://login.test.max.gov/cas/",
@@ -431,7 +433,8 @@ module.exports = {
       "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
       "token_endpoint": "https://idp.int.identitysandbox.gov/api/openid_connect/token",
       "user_endpoint": "https://idp.int.identitysandbox.gov/api/openid_connect/userinfo",
-      "redirect_uri": "http://srt-server-dev.app.cloud.gov/odic/callback"
+      "redirect_uri": "http://srt-server-dev.app.cloud.gov/odic/callback",
+      "logout_endpoint": "https://idp.int.identitysandbox.gov/openid_connect/logout",
     },
     "maxCas" : {
       "cas_url" : "https://login.test.max.gov/cas/",
@@ -472,7 +475,8 @@ module.exports = {
       "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
       "token_endpoint": "https://idp.int.identitysandbox.gov/api/openid_connect/token",
       "user_endpoint": "https://idp.int.identitysandbox.gov/api/openid_connect/userinfo",
-      "redirect_uri": "http://srt-server-staging.app.cloud.gov/odic/callback"
+      "redirect_uri": "http://srt-server-staging.app.cloud.gov/odic/callback",
+      "logout_endpoint": "https://idp.int.identitysandbox.gov/openid_connect/logout",
     },
     "maxCas" : {
       "cas_url" : "https://login.test.max.gov/cas/",
@@ -551,6 +555,7 @@ module.exports = {
       "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
       "token_endpoint": "https://idp.int.identitysandbox.gov/api/openid_connect/token",
       "user_endpoint": "https://idp.int.identitysandbox.gov/api/openid_connect/userinfo",
+      "logout_endpoint": "https://idp.int.identitysandbox.gov/openid_connect/logout",
     },
     "maxCas" : {
       "cas_url" : "https://login.max.gov/cas/",

diff --git a/server/routes/auth.routes.js b/server/routes/auth.routes.js
@@ -552,12 +552,13 @@ module.exports = {
                 userRole: srt_userinfo.userRole,
                 firstName: srt_userinfo.firstName || userInfo.given_name,
                 lastName: srt_userinfo.lastName || userInfo.family_name,
+                loginMethod: "login.gov",
               }
               let location = `${config['srtClientUrl']}/auth?info=${jsonToURI(uri_components)}`
+
+              //console.log("Redirecting to: ", location)
 
-              return res.status(302)
-                .set('Location', location)
-                .send(`<html lang="en"><body>Preparing login</body></html>`)
+              return res.redirect(302, location);
           })
         });