diff --git a/packages/passport/sdk/src/authManager.test.ts b/packages/passport/sdk/src/authManager.test.ts index 79f34d45a6..82b42f08ee 100644 --- a/packages/passport/sdk/src/authManager.test.ts +++ b/packages/passport/sdk/src/authManager.test.ts @@ -148,13 +148,13 @@ describe('AuthManager', () => { }); describe('when a logoutRedirectUri is specified', () => { - it('should set the endSessionEndpoint `post_logout_redirect_uri` and `client_id` query string params', () => { + it('should set the endSessionEndpoint `returnTo` and `client_id` query string params', () => { const configWithLogoutRedirectUri = getConfig({ logoutRedirectUri }); const am = new AuthManager(configWithLogoutRedirectUri); const uri = new URL(logoutEndpoint, `https://${authenticationDomain}`); uri.searchParams.append('client_id', clientId); - uri.searchParams.append('post_logout_redirect_uri', logoutRedirectUri); + uri.searchParams.append('returnTo', logoutRedirectUri); expect(am).toBeDefined(); expect(UserManager).toBeCalledWith(expect.objectContaining({ @@ -286,15 +286,6 @@ describe('AuthManager', () => { }); describe('logout', () => { - it('should build the correct logout object', async () => { - mockGetUser.mockReturnValue(mockOidcUser); - - const am = new AuthManager(getConfig({ logoutRedirectUri })); - const logoutArgs = await am.getLogoutArgs(); - - expect(logoutArgs.id_token_hint).toEqual(mockUser.idToken); - }); - it('should call redirect logout if logout mode is redirect', async () => { const configuration = getConfig({ logoutMode: 'redirect', @@ -500,7 +491,7 @@ describe('AuthManager', () => { describe('getDeviceFlowEndSessionEndpoint', () => { describe('with a logged in user', () => { describe('when a logoutRedirectUri is specified', () => { - it('should set the endSessionEndpoint `post_logout_redirect_uri` and `client_id` query string params', async () => { + it('should set the endSessionEndpoint `returnTo` and `client_id` query string params', async () => { mockGetUser.mockReturnValue(mockOidcUser); const am = new AuthManager(getConfig({ logoutRedirectUri })); @@ -510,12 +501,12 @@ describe('AuthManager', () => { expect(uri.hostname).toEqual(authenticationDomain); expect(uri.pathname).toEqual(logoutEndpoint); expect(uri.searchParams.get('client_id')).toEqual(clientId); - expect(uri.searchParams.get('id_token_hint')).toEqual(mockUser.idToken); + expect(uri.searchParams.get('returnTo')).toEqual(logoutRedirectUri); }); }); describe('when no post_logout_redirect_uri is specified', () => { - it('should return the endSessionEndpoint without a `post_logout_redirect_uri` or `client_id` query string params', async () => { + it('should return the endSessionEndpoint without a `returnTo` or `client_id` query string params', async () => { mockGetUser.mockReturnValue(mockOidcUser); const am = new AuthManager(getConfig()); @@ -525,7 +516,6 @@ describe('AuthManager', () => { expect(uri.hostname).toEqual(authenticationDomain); expect(uri.pathname).toEqual(logoutEndpoint); expect(uri.searchParams.get('client_id')).toEqual(clientId); - expect(uri.searchParams.get('id_token_hint')).toEqual(mockUser.idToken); }); }); }); diff --git a/packages/passport/sdk/src/authManager.ts b/packages/passport/sdk/src/authManager.ts index e5372580fe..9b952a2c3b 100644 --- a/packages/passport/sdk/src/authManager.ts +++ b/packages/passport/sdk/src/authManager.ts @@ -3,7 +3,6 @@ import { ErrorTimeout, InMemoryWebStorage, User as OidcUser, - SignoutRedirectArgs, UserManager, UserManagerSettings, WebStorageStateStore, @@ -50,7 +49,7 @@ const getAuthConfiguration = (config: PassportConfiguration): UserManagerSetting const endSessionEndpoint = new URL(logoutEndpoint, authenticationDomain.replace(/^(?:https?:\/\/)?(.*)/, 'https://$1')); endSessionEndpoint.searchParams.set('client_id', oidcConfiguration.clientId); if (oidcConfiguration.logoutRedirectUri) { - endSessionEndpoint.searchParams.set('post_logout_redirect_uri', oidcConfiguration.logoutRedirectUri); + endSessionEndpoint.searchParams.set('returnTo', oidcConfiguration.logoutRedirectUri); } const baseConfiguration: UserManagerSettings = { @@ -358,22 +357,13 @@ export default class AuthManager { return response.data; } - public async getLogoutArgs(): Promise { - const user = await this.getUser(); - - return { - id_token_hint: user?.idToken, - }; - } - public async logout(): Promise { return withPassportError( async () => { - const logoutArgs = await this.getLogoutArgs(); if (this.logoutMode === 'silent') { - return this.userManager.signoutSilent(logoutArgs); + return this.userManager.signoutSilent(); } - return this.userManager.signoutRedirect(logoutArgs); + return this.userManager.signoutRedirect(); }, PassportErrorType.LOGOUT_ERROR, ); @@ -393,9 +383,7 @@ export default class AuthManager { const endSessionEndpoint = new URL(logoutEndpoint, authenticationDomain); endSessionEndpoint.searchParams.set('client_id', oidcConfiguration.clientId); - const logoutArgs = await this.getLogoutArgs(); - if (logoutArgs.id_token_hint) endSessionEndpoint.searchParams.set('id_token_hint', logoutArgs.id_token_hint); - if (logoutArgs.post_logout_redirect_uri) endSessionEndpoint.searchParams.set('post_logout_redirect_uri', logoutArgs.post_logout_redirect_uri); + if (oidcConfiguration.logoutRedirectUri) endSessionEndpoint.searchParams.set('returnTo', oidcConfiguration.logoutRedirectUri); return endSessionEndpoint.toString(); }