Add logout url.

app/controllers/sso_login_box_controller.rb

@@ -1,6 +1,16 @@
 class SsoLoginBoxController < SessionsController
   require 'openssl'
   OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE
+  def self.logout #Token Revocation
+    session = OrbitHelper.request.session
+    if session[:sso_token]
+      token_connection = Faraday.new 'https://cas.ccu.edu.tw/oauth2.0/revoke'
+      token_response = token_connection.post do |request|
+        request.params['token'] = session[:sso_token]
+        request.params['token_type_hint'] = 'access_token'
+      end
+    end
+  end
   def oauth2_auth_page
     session[:referer_url] = params[:referer_url]
     redirect_to "https://cas.ccu.edu.tw/oauth2.0/authorize?response_type=#{ENV['RESPONSE_TYPE']}&client_id=#{ENV['APP_ID']}&redirect_uri=#{ENV['REDIRECT_URI']}"
@@ -29,6 +39,7 @@ class SsoLoginBoxController < SessionsController
     user_name = JSON.parse(account_response.body)['id']
     user = User.find_by(user_name: user_name) rescue nil
     if !user.nil?
+      session[:sso_token] = token
       session[:user_id] = user.id
       session[:login_referer] = nil
       if session[:referer_url].present?

lib/sso_login_box.rb

@@ -1,4 +1,10 @@
 require "sso_login_box/engine"
 
 module SsoLoginBox
+	# def self.controller_name #if defined, call controller's logout method
+	# 	"SsoLoginBoxController"
+	# end
+	def self.logout_url
+		"https://cas.ccu.edu.tw/logout"
+	end
 end