mirror of
https://github.com/nais/wonderwall.git
synced 2026-05-15 04:46:42 +00:00
55 lines
1.2 KiB
Go
55 lines
1.2 KiB
Go
package client
|
|
|
|
import (
|
|
"fmt"
|
|
"net/http"
|
|
|
|
"github.com/nais/wonderwall/pkg/openid"
|
|
urlpkg "github.com/nais/wonderwall/pkg/url"
|
|
)
|
|
|
|
type LogoutCallback struct {
|
|
*Client
|
|
cookie *openid.LogoutCookie
|
|
validator urlpkg.Validator
|
|
request *http.Request
|
|
}
|
|
|
|
func NewLogoutCallback(c *Client, r *http.Request, cookie *openid.LogoutCookie, validator urlpkg.Validator) *LogoutCallback {
|
|
return &LogoutCallback{
|
|
Client: c,
|
|
cookie: cookie,
|
|
validator: validator,
|
|
request: r,
|
|
}
|
|
}
|
|
|
|
func (in *LogoutCallback) PostLogoutRedirectURI() string {
|
|
if in.cookie != nil && in.stateMismatchError() == nil && in.validator.IsValidRedirect(in.request, in.cookie.RedirectTo) {
|
|
return in.cookie.RedirectTo
|
|
}
|
|
|
|
defaultRedirect := in.cfg.Client().PostLogoutRedirectURI()
|
|
if defaultRedirect != "" {
|
|
return defaultRedirect
|
|
}
|
|
|
|
ingress, err := urlpkg.MatchingIngress(in.request)
|
|
if err != nil {
|
|
return "/"
|
|
}
|
|
|
|
return ingress.String()
|
|
}
|
|
|
|
func (in *LogoutCallback) stateMismatchError() error {
|
|
if in.cookie == nil {
|
|
return fmt.Errorf("logout cookie is nil")
|
|
}
|
|
|
|
expectedState := in.cookie.State
|
|
actualState := in.request.URL.Query().Get(openid.State)
|
|
|
|
return StateMismatchError(expectedState, actualState)
|
|
}
|