From 70850b1826b9ef048ee20d5d5461df3fd4a24027 Mon Sep 17 00:00:00 2001
From: BoHung Chiu
Date: Tue, 14 Feb 2023 00:06:00 +0800
Subject: [PATCH] Fix logout url bug.

---
 app/controllers/sso_login_box_controller.rb | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/app/controllers/sso_login_box_controller.rb b/app/controllers/sso_login_box_controller.rb
index 93bb4f7..b459aa6 100644
--- a/app/controllers/sso_login_box_controller.rb
+++ b/app/controllers/sso_login_box_controller.rb
@@ -2,6 +2,7 @@ class SsoLoginBoxController < SessionsController
 require 'openssl'
 require 'onelogin/ruby-saml'
 OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE
+ skip_before_action :verify_authenticity_token
 def sso_auth_page
 session[:referer_url] = params[:referer_url]
 # puts ["session", session, session.to_hash]
@@ -43,8 +44,8 @@ class SsoLoginBoxController < SessionsController
 session[:sso_token] = user.id
 session[:user_id] = user.id
 session[:login_referer] = nil
- if params[:referer_url].present?
- redirect_to URI.parse(params[:referer_url]).path
+ if session[:referer_url].present?
+ redirect_to URI.parse(session[:referer_url]).path
 else
 redirect_to admin_dashboards_path
 end
@@ -71,7 +72,8 @@ class SsoLoginBoxController < SessionsController
 # Create a SP initiated SLO
 def sp_logout_request
 # LogoutRequest accepts plain browser requests w/o paramters
- settings = saml_settings
+ logout_url = URI.join("https://#{request.host}", params[:referer_url].to_s) rescue "https://#{request.host}"
+ settings = saml_settings(logout_url)
 if settings.idp_slo_service_url.nil?
 delete_session
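Review bot: `skip_before_action :verify_authenticity_token` is declared with no `only:`, so the CSRF token check is dropped for every action of this controller, not just for the endpoint that has to accept the IdP's cross-site SAML POST. Limit it to that single action, e.g. `skip_before_action :verify_authenticity_token, only: %i[RESPONSE_ACTION_PLACEHOLDER]` (the action name is not visible in this patch), so `sso_auth_page` and any other state-changing action keep the protection inherited from `SessionsController`. The unchanged context line `OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE` reassigns a library constant, apparently to disable TLS peer verification for anything that later reads it; it predates this commit but deserves its own follow-up. `sso_auth_page` continues past the end of this hunk.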
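Review bot: `redirect_to URI.parse(session[:referer_url]).path` now reads a value that `sso_auth_page` (first hunk) copies verbatim from `params[:referer_url]`, and `URI.parse` raises `URI::InvalidURIError` on a malformed string, so a bad link turns the post-login redirect into a 500. `.path` can also be `nil` for opaque URIs or begin with `//`, which `redirect_to` treats as a protocol-relative URL to another host, so the extracted path should only be used when it starts with a single `/` and otherwise fall back to `admin_dashboards_path`. The session key is never cleared either, so a referer stored by an earlier login attempt is reused by later ones; reading it with `session.delete(:referer_url)` avoids that. The enclosing method starts before this hunk, and the `end` shown closes only the `if`.
```ruby
    # … unchanged: session[:sso_token] / session[:user_id] / session[:login_referer] assignments …
    referer = session.delete(:referer_url)
    target = begin
      URI.parse(referer.to_s).path.to_s
    rescue URI::InvalidURIError
      ''
    end
    # Only a same-origin absolute path is accepted; "//host/..." would be a
    # protocol-relative redirect to another host, so it is rejected as well.
    if target.start_with?('/') && !target.start_with?('//')
      redirect_to target
    else
      redirect_to admin_dashboards_path
    end
```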
@@ -88,21 +90,21 @@ class SsoLoginBoxController < SessionsController
 # Save the transaction_id to compare it with the response we get back
 session[:transaction_id] = logout_request.uuid
 session[:logged_out_user] = logged_user
- relayState = "https://#{request.host}"
 redirect_to(logout_request.create(settings, :RelayState => relayState))
 end
 end
 private
- def saml_settings
+ def saml_settings(logout_url=nil)
 settings = OneLogin::RubySaml::Settings.new
 request_host = request.host
+ logout_url ||= "https://#{request_host}"
 settings.assertion_consumer_service_url = "https://#{request_host}/ntu_sso/response"
 settings.issuer = request_host
 settings.idp_sso_target_url = "https://adfs.ntu.edu.tw/adfs/ls/"
 # settings.idp_sso_target_binding = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" # or :post, :redirect
- settings.idp_slo_target_url = "https://adfs.ntu.edu.tw/adfs/ls/clearall.aspx?url=https://#{request_host}"
+ settings.idp_slo_service_url = "https://adfs.ntu.edu.tw/adfs/ls/clearall.aspx?url=#{logout_url}"
 # settings.idp_slo_service_binding = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" # or :post, :redirect
 settings.idp_cert_fingerprint = (File.read('adfs_fingerprint.txt') rescue '') #"0A:27:FC:D5:CE:DC:D8:44:CC:A9:58:8A:42:D1:F4:DF:38:2E:4A:C3"
 settings.idp_cert_fingerprint_algorithm = "http://www.w3.org/2000/09/xmldsig#sha1"
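Review bot: The removed `relayState = "https://#{request.host}"` line is still referenced by the unchanged `redirect_to(logout_request.create(settings, :RelayState => relayState))`, so unless `relayState` is assigned somewhere in the lines between this hunk and the previous one, the SLO redirect now raises `NameError`; given the commit's intent that line should read `redirect_to(logout_request.create(settings, :RelayState => logout_url))`. In `saml_settings` the caller-supplied `logout_url` is interpolated raw into `clearall.aspx?url=#{logout_url}`, so any `&` or `#` in it truncates the value the IdP receives; wrap it as `ERB::Util.url_encode(logout_url.to_s)` (or `CGI.escape`). Because the `logout_url` built in the third hunk comes from `params[:referer_url]` through `URI.join`, which returns an absolute referer unchanged, the IdP's post-logout destination is request-controlled; `saml_settings` should use the value only when its host is `request_host`, e.g. `logout_url = "https://#{request_host}" unless URI(logout_url.to_s).host == request_host`, with `URI::InvalidURIError` rescued to the same default. As a point of style, the new signature should be spaced as `def saml_settings(logout_url = nil)`. `sp_logout_request` starts before this hunk.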