Add logout url.

2021-10-28 09:06:52 +08:00 · 2021-10-28 09:06:52 +08:00 · 059cddf9bb
parent 1311d8fd66
commit 059cddf9bb
2 changed files with 17 additions and 0 deletions
--- a/app/controllers/sso_login_box_controller.rb
+++ b/app/controllers/sso_login_box_controller.rb
@ -1,6 +1,16 @@
 class SsoLoginBoxController < SessionsController
  require 'openssl'
  OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE
+  def self.logout #Token Revocation
+    session = OrbitHelper.request.session
+    if session[:sso_token]
+      token_connection = Faraday.new 'https://cas.ccu.edu.tw/oauth2.0/revoke'
+      token_response = token_connection.post do |request|
+        request.params['token'] = session[:sso_token]
+        request.params['token_type_hint'] = 'access_token'
+      end
+    end
+  end
  def oauth2_auth_page
    session[:referer_url] = params[:referer_url]
    redirect_to "https://cas.ccu.edu.tw/oauth2.0/authorize?response_type=#{ENV['RESPONSE_TYPE']}&client_id=#{ENV['APP_ID']}&redirect_uri=#{ENV['REDIRECT_URI']}"
@ -29,6 +39,7 @@ class SsoLoginBoxController < SessionsController
    user_name = JSON.parse(account_response.body)['id']
    user = User.find_by(user_name: user_name) rescue nil
    if !user.nil?
+      session[:sso_token] = token
      session[:user_id] = user.id
      session[:login_referer] = nil
      if session[:referer_url].present?
--- a/lib/sso_login_box.rb
+++ b/lib/sso_login_box.rb
@ -1,4 +1,10 @@
 require "sso_login_box/engine"

 module SsoLoginBox
+	# def self.controller_name #if defined, call controller's logout method
+	# 	"SsoLoginBoxController"
+	# end
+	def self.logout_url
+		"https://cas.ccu.edu.tw/logout"
+	end
 end