From 413b8dfc19d9a03f0458fdcf8aa9593a2d1ff63e Mon Sep 17 00:00:00 2001
From: ybelMekk <youssef.bel.mekki@nav.no>
Date: Tue, 25 Jan 2022 11:36:41 +0100
Subject: [PATCH] fix: revert frontChannelLogout impl.

---
 pkg/router/handler_frontchannellogout.go | 25 +++++++-----------------
 1 file changed, 7 insertions(+), 18 deletions(-)

diff --git a/pkg/router/handler_frontchannellogout.go b/pkg/router/handler_frontchannellogout.go
index ad52581..1246248 100644
--- a/pkg/router/handler_frontchannellogout.go
+++ b/pkg/router/handler_frontchannellogout.go
@@ -1,26 +1,27 @@
 package router
 
 import (
-	log "github.com/sirupsen/logrus"
 	"net/http"
+
+	log "github.com/sirupsen/logrus"
 )
 
 // FrontChannelLogout triggers logout triggered by a third-party.
 func (h *Handler) FrontChannelLogout(w http.ResponseWriter, r *http.Request) {
-	sessionParamKeys := []string{"sid", "session_state"}
-	externalSessionID := extractExternalSessionID(r, sessionParamKeys)
+	params := r.URL.Query()
+	sid := params.Get("sid")
 
 	// Unconditionally destroy all local references to the session.
 	h.deleteCookie(w, SessionCookieName, h.Cookies)
 
-	if len(externalSessionID) == 0 {
-		log.Infof("any of parameters %q not set in request; ignoring", sessionParamKeys)
+	if len(sid) == 0 {
+		log.Info("sid parameter not set in request; ignoring")
 		h.DeleteSessionFallback(w, r)
 		w.WriteHeader(http.StatusOK)
 		return
 	}
 
-	sessionID := h.localSessionID(externalSessionID)
+	sessionID := h.localSessionID(sid)
 
 	err := h.destroySession(w, r, sessionID)
 	if err != nil {
@@ -30,15 +31,3 @@ func (h *Handler) FrontChannelLogout(w http.ResponseWriter, r *http.Request) {
 
 	w.WriteHeader(http.StatusOK)
 }
-
-func extractExternalSessionID(r *http.Request, paramKeys []string) string {
-	params := r.URL.Query()
-	var sessionId = ""
-	for _, k := range paramKeys {
-		sessionId = params.Get(k)
-		if len(sessionId) != 0 {
-			return sessionId
-		}
-	}
-	return sessionId
-}