Merge pull request #6071 from brionmario/legacy-mode-migration

Fix console logout issues in new runtime
wso2 · Apr 25, 2024 · 1518a12 · 1518a12
2 parents 35b7597 + 5a5d210
commit 1518a12
Show file tree

Hide file tree

Showing 2 changed files with 52 additions and 5 deletions.
diff --git a/.changeset/quick-bobcats-fetch.md b/.changeset/quick-bobcats-fetch.md
@@ -0,0 +1,5 @@
+---
+"@wso2is/features": patch
+---
+
+Fix console logout issues in new runtime
diff --git a/features/admin.authentication.v1/hooks/use-sign-in.ts b/features/admin.authentication.v1/hooks/use-sign-in.ts
@@ -470,18 +470,60 @@ const useSignIn = (): UseSignInInterface => {
                 sessionStorage.setItem(OIDC_SESSION_IFRAME_ENDPOINT, oidcSessionIframeEndpoint);
                 sessionStorage.setItem(TOKEN_ENDPOINT, tokenEndpoint);
 
+                let signOutRedirectURL: URL = null;
+
+                try {
+                    signOutRedirectURL = new URL(deriveLogoutRedirectForSubOrgLogins(
+                        logoutRedirectUrl,
+                        userOrganizationId,
+                        orgIdIdToken
+                    ));
+                } catch(e) {
+                    signOutRedirectURL = null;
+                }
+
+                // If the experimental Platform IdP is enabled and the user is not a privileged user,
+                // We need to append the `homeRealmId` of the platform IdP as a `fidp` query
+                // param to the post logout redirect URL.
+                if (__experimental__platformIdP?.enabled && !isPrivilegedUser) {
+                    if (!signOutRedirectURL) {
+                        signOutRedirectURL = new URL(window["AppUtils"]?.getConfig()?.logoutCallbackURL);
+                    }
+
+                    signOutRedirectURL.searchParams.set("fidp", __experimental__platformIdP.homeRealmId);
+
+                    // `updateConfig` doesn't seem to be updating the SDK config after initializing.
+                    // Hence the updated `signOutRedirectURL` is not taken for logout.
+                    // Tracker: https://github.com/asgardeo/asgardeo-auth-react-sdk/issues/222
+                    // TODO: Remove this workaround once the above issue is fixed.
+                    Object.entries(sessionStorage).forEach(([ key, value ]: [ key: string, value: string ]) => {
+                        if (key.startsWith(LOGOUT_URL) && key.includes(window["AppUtils"]?.getConfig()?.clientID)) {
+                            const _signOutRedirectURL: URL = new URL(value);
+
+                            const postLogoutRedirectUri: URL = new URL(
+                                _signOutRedirectURL.searchParams.get("post_logout_redirect_uri")
+                            );
+
+                            postLogoutRedirectUri.searchParams.set("fidp", __experimental__platformIdP.homeRealmId);
+
+                            _signOutRedirectURL.searchParams.set(
+                                "post_logout_redirect_uri",
+                                postLogoutRedirectUri?.href
+                            );
+
+                            sessionStorage.setItem(key, _signOutRedirectURL.href);
+                        }
+                    });
+                }
+
                 updateConfig({
                     endpoints: {
                         authorizationEndpoint: authorizationEndpoint,
                         checkSessionIframe: oidcSessionIframeEndpoint,
                         endSessionEndpoint: logoutUrl.split("?")[0],
                         tokenEndpoint: tokenEndpoint
                     },
-                    signOutRedirectURL: deriveLogoutRedirectForSubOrgLogins(
-                        logoutRedirectUrl,
-                        userOrganizationId,
-                        orgIdIdToken
-                    )
+                    signOutRedirectURL: signOutRedirectURL?.href
                 });
             })
             .catch((error: any) => {