From be0d58742b10af00f1a861ce6ad1645080717f2f Mon Sep 17 00:00:00 2001 From: FabianGosebrink Date: Tue, 20 Jul 2021 08:28:50 +0200 Subject: [PATCH 1/6] Added auth0 case --- .../src/lib/utils/url/url.service.spec.ts | 10 +++++++++ .../src/lib/utils/url/url.service.ts | 22 +++++++++++++++++++ 2 files changed, 32 insertions(+) diff --git a/projects/angular-auth-oidc-client/src/lib/utils/url/url.service.spec.ts b/projects/angular-auth-oidc-client/src/lib/utils/url/url.service.spec.ts index 8a174c4b1..d23334477 100644 --- a/projects/angular-auth-oidc-client/src/lib/utils/url/url.service.spec.ts +++ b/projects/angular-auth-oidc-client/src/lib/utils/url/url.service.spec.ts @@ -1482,6 +1482,16 @@ describe('UrlService Tests', () => { expect(value).toEqual(expectValue); }); + + it('returns auth0 format url if authority ends with .auth0', () => { + configurationProvider.setConfig({ authority: 'something.auth0.com' }); + + const value = service.createEndSessionUrl('mytoken', 'configId'); + + const expectValue = null; + + expect(value).toEqual(expectValue); + }); }); describe('getAuthorizeParUrl', () => { diff --git a/projects/angular-auth-oidc-client/src/lib/utils/url/url.service.ts b/projects/angular-auth-oidc-client/src/lib/utils/url/url.service.ts index f88ab9de3..e32628b30 100644 --- a/projects/angular-auth-oidc-client/src/lib/utils/url/url.service.ts +++ b/projects/angular-auth-oidc-client/src/lib/utils/url/url.service.ts @@ -9,6 +9,7 @@ import { FlowHelper } from '../flowHelper/flow-helper.service'; import { UriEncoder } from './uri-encoder'; const CALLBACK_PARAMS_TO_CHECK = ['code', 'state', 'token', 'id_token']; +const AUTH0_ENDPOINT = 'auth0.com'; @Injectable() export class UrlService { constructor( 
@@ -93,6 +94,13 @@ export class UrlService { } createEndSessionUrl(idTokenHint: string, configId: string, customParamsEndSession?: { [p: string]: string | number | boolean }): string { + // Auth0 needs a special logout url + // See https://auth0.com/docs/api/authentication#logout + + if (this.isAuth0Endpoint(configId)) { + return this.composeAuth0Endpoint(configId); + } + const authWellKnownEndPoints = this.storagePersistenceService.read('authWellKnownEndPoints', configId); const endSessionEndpoint = authWellKnownEndPoints?.endSessionEndpoint; @@ -509,4 +517,18 @@ export class UrlService { return params; } + + private isAuth0Endpoint(configId: string): boolean { + const { authority } = this.configurationProvider.getOpenIDConfiguration(configId); + + return authority.endsWith(AUTH0_ENDPOINT); + } + + private composeAuth0Endpoint(configId: string) { + // format: https://YOUR_DOMAIN/v2/logout?client_id=YOUR_CLIENT_ID&returnTo=LOGOUT_URL + const { authority, clientId } = this.configurationProvider.getOpenIDConfiguration(configId); + const postLogoutRedirectUrl = this.getPostLogoutRedirectUrl(configId); + + return `${authority}/v2/logout?client_id=${clientId}&returnTo=${postLogoutRedirectUrl}`; + } } From 59cc679b8ff8bce1471010d95cb0c3949fccf5e6 Mon Sep 17 00:00:00 2001 From: FabianGosebrink Date: Tue, 20 Jul 2021 08:35:35 +0200 Subject: [PATCH 2/6] Fixed tests --- .../src/lib/angular-auth-oidc-client.ts | 1 - .../src/lib/login/popup/popup.service.spec.ts | 4 ++-- .../src/lib/utils/url/url.service.spec.ts | 22 +++++++++++-------- .../src/lib/utils/url/url.service.ts | 4 ++++ 4 files changed, 19 insertions(+), 12 deletions(-) diff --git a/projects/angular-auth-oidc-client/src/lib/angular-auth-oidc-client.ts b/projects/angular-auth-oidc-client/src/lib/angular-auth-oidc-client.ts index 486710171..1f09d6477 100644 --- a/projects/angular-auth-oidc-client/src/lib/angular-auth-oidc-client.ts +++ b/projects/angular-auth-oidc-client/src/lib/angular-auth-oidc-client.ts 
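Review bot: The early return added at the top of `createEndSessionUrl` drops both `idTokenHint` and `customParamsEndSession` without saying so, so a caller who passes custom end-session parameters gets a logout URL that silently omits them whenever the authority is classified as Auth0. Either append the custom parameters to the Auth0 URL or state the limitation next to the branch, e.g. `// Auth0 path: idTokenHint and customParamsEndSession are not sent`. The branch also runs before the `authWellKnownEndPoints` lookup, so the discovery document's `endSessionEndpoint` is never consulted for these authorities; that looks intentional, but the comment should say it. The body of `createEndSessionUrl` continues outside the hunk.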
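Review bot: `composeAuth0Endpoint` interpolates `clientId` and `postLogoutRedirectUrl` into the query string unencoded, so a post-logout URL that carries its own query string is cut at the first `&` and the remainder is parsed as extra parameters of the logout request rather than as part of `returnTo`. Encode both values when building the string: `client_id=${encodeURIComponent(clientId)}` and `returnTo=${encodeURIComponent(postLogoutRedirectUrl)}`. `getPostLogoutRedirectUrl` is not visible here; if it can return nothing, the result would end in `returnTo=undefined`, so an explicit guard that omits the parameter is worth adding. The expected string in the spec hunk `@@ -1484,11 +1484,15 @@` later in this series would need the encoded form.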
@@ -27,4 +27,3 @@ export * from './validation/jwtkeys'; export * from './validation/state-validation-result'; export * from './validation/token-validation.service'; export * from './validation/validation-result'; - diff --git a/projects/angular-auth-oidc-client/src/lib/login/popup/popup.service.spec.ts b/projects/angular-auth-oidc-client/src/lib/login/popup/popup.service.spec.ts index 389aad932..146d9ef35 100644 --- a/projects/angular-auth-oidc-client/src/lib/login/popup/popup.service.spec.ts +++ b/projects/angular-auth-oidc-client/src/lib/login/popup/popup.service.spec.ts @@ -86,7 +86,7 @@ describe('PopUpService', () => { ); popUpService.openPopUp('url'); - expect(popupSpy).toHaveBeenCalledOnceWith('url', '_blank', 'width=500,height=500,left=150,top=50'); + expect(popupSpy).toHaveBeenCalledOnceWith('url', '_blank', jasmine.any(String)); }) ); @@ -103,7 +103,7 @@ describe('PopUpService', () => { ); popUpService.openPopUp('url', { width: 100 }); - expect(popupSpy).toHaveBeenCalledOnceWith('url', '_blank', 'width=100,height=500,left=350,top=50'); + expect(popupSpy).toHaveBeenCalledOnceWith('url', '_blank', jasmine.any(String)); }) ); diff --git a/projects/angular-auth-oidc-client/src/lib/utils/url/url.service.spec.ts b/projects/angular-auth-oidc-client/src/lib/utils/url/url.service.spec.ts index d23334477..2b8a3ba9d 100644 --- a/projects/angular-auth-oidc-client/src/lib/utils/url/url.service.spec.ts +++ b/projects/angular-auth-oidc-client/src/lib/utils/url/url.service.spec.ts @@ -1370,7 +1370,7 @@ describe('UrlService Tests', () => { }); describe('createEndSessionUrl', () => { - it('createEndSessionUrl create url when all parameters given', () => { + it('create url when all parameters given', () => { const config = { authority: 'https://localhost:5001', redirectUrl: 'https://localhost:44386', 
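Review bot: Both changed assertions in `popup.service.spec.ts` (hunks `@@ -86,7 +86,7 @@` and `@@ -103,7 +103,7 @@`) now accept any string as the window-features argument, so the second test no longer proves that `{ width: 100 }` reaches `window.open` at all. An empty or malformed features string would pass. If the exact match was removed because `left`/`top` depend on the runner's screen size (an assumption, the commit message only says "Fixed tests"), match the stable part instead: `jasmine.stringMatching(/width=500,height=500/)` in the first test and `jasmine.stringMatching(/width=100,height=500/)` in the second.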
@@ -1392,7 +1392,7 @@ describe('UrlService Tests', () => { expect(value).toEqual(expectValue); }); - it('createEndSessionUrl create url when all parameters and customParamsEndSession given', () => { + it('create url when all parameters and customParamsEndSession given', () => { const config = { authority: 'https://localhost:5001', redirectUrl: 'https://localhost:44386', @@ -1415,7 +1415,7 @@ describe('UrlService Tests', () => { expect(value).toEqual(expectValue); }); - it('createEndSessionUrl with azure-ad-b2c policy parameter', () => { + it('with azure-ad-b2c policy parameter', () => { const config = { authority: 'https://localhost:5001' } as OpenIdConfiguration; config.redirectUrl = 'https://localhost:44386'; config.clientId = 'myid'; @@ -1438,7 +1438,7 @@ describe('UrlService Tests', () => { expect(value).toEqual(expectValue); }); - it('createEndSessionUrl create url without postLogoutRedirectUri when not given', () => { + it('create url without postLogoutRedirectUri when not given', () => { const config = { authority: 'https://localhost:5001', redirectUrl: 'https://localhost:44386', @@ -1460,7 +1460,7 @@ describe('UrlService Tests', () => { expect(value).toEqual(expectValue); }); - it('createEndSessionUrl returns null if no wellknownEndpoints given', () => { + it('returns null if no wellknownEndpoints given', () => { configurationProvider.setConfig({}); const value = service.createEndSessionUrl('mytoken', 'configId'); @@ -1470,7 +1470,7 @@ describe('UrlService Tests', () => { expect(value).toEqual(expectValue); }); - it('createEndSessionUrl returns null if no wellknownEndpoints.endSessionEndpoint given', () => { + it('returns null if no wellknownEndpoints.endSessionEndpoint given', () => { configurationProvider.setConfig({}); spyOn(storagePersistenceService, 'read').withArgs('authWellKnownEndPoints', 'configId').and.returnValue({ endSessionEndpoint: null, 
@@ -1484,11 +1484,15 @@ describe('UrlService Tests', () => { }); it('returns auth0 format url if authority ends with .auth0', () => { - configurationProvider.setConfig({ authority: 'something.auth0.com' }); + configurationProvider.setConfig({ + authority: 'something.auth0.com', + clientId: 'someClientId', + postLogoutRedirectUri: 'https://localhost:1234/unauthorized', + }); - const value = service.createEndSessionUrl('mytoken', 'configId'); + const value = service.createEndSessionUrl('anything', 'configId'); - const expectValue = null; + const expectValue = `something.auth0.com/v2/logout?client_id=someClientId&returnTo=https://localhost:1234/unauthorized`; expect(value).toEqual(expectValue); }); diff --git a/projects/angular-auth-oidc-client/src/lib/utils/url/url.service.ts b/projects/angular-auth-oidc-client/src/lib/utils/url/url.service.ts index e32628b30..3493c9990 100644 --- a/projects/angular-auth-oidc-client/src/lib/utils/url/url.service.ts +++ b/projects/angular-auth-oidc-client/src/lib/utils/url/url.service.ts @@ -521,6 +521,10 @@ export class UrlService { private isAuth0Endpoint(configId: string): boolean { const { authority } = this.configurationProvider.getOpenIDConfiguration(configId); + if (!authority) { + return false; + } + return authority.endsWith(AUTH0_ENDPOINT); } From c474ac7e3be06022fc70690e874c27d637aed2d6 Mon Sep 17 00:00:00 2001 From: FabianGosebrink Date: Tue, 20 Jul 2021 08:37:00 +0200 Subject: [PATCH 3/6] Formatting --- .../angular-auth-oidc-client/src/lib/utils/url/url.service.ts | 1 + 1 file changed, 1 insertion(+) diff --git a/projects/angular-auth-oidc-client/src/lib/utils/url/url.service.ts b/projects/angular-auth-oidc-client/src/lib/utils/url/url.service.ts index 3493c9990..38870940f 100644 --- a/projects/angular-auth-oidc-client/src/lib/utils/url/url.service.ts +++ b/projects/angular-auth-oidc-client/src/lib/utils/url/url.service.ts 
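Review bot: The new fixture uses a scheme-less authority (`'something.auth0.com'`) while the other `createEndSessionUrl` cases use `https://…` authorities, so the expected value `something.auth0.com/v2/logout?...` is not an absolute URL and does not pin the `https://YOUR_DOMAIN/v2/logout` format the implementation comment describes. Use `authority: 'https://something.auth0.com'` and expect the matching absolute URL. The redirect value also has no query string, so this test cannot detect an unencoded `returnTo`; a constructed value such as `https://localhost:1234/unauthorized?reason=logout` would exercise that. A second case with an authority that is not an Auth0 tenant but ends in the same characters would document the intended matching rule.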
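Review bot: The check that follows the new `!authority` guard, `authority.endsWith(AUTH0_ENDPOINT)`, is a plain suffix test against `'auth0.com'` with no dot boundary and no URL parsing. An authority on an unrelated domain whose name merely ends in those characters (constructed example: `https://login.notauth0.com`) is routed to the `/v2/logout` path and never reaches the standard end-session flow, while a real tenant configured with a trailing slash or path is not recognised. Comparing the parsed host is stricter: `const host = new URL(authority).hostname;` followed by `return host === AUTH0_ENDPOINT || host.endsWith('.' + AUTH0_ENDPOINT);`, with a try/catch because `new URL` throws on the scheme-less authority the spec in this commit uses. Tenants behind a custom domain would presumably still be missed, so an explicit configuration flag may be the more reliable signal.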
@@ -10,6 +10,7 @@ import { UriEncoder } from './uri-encoder'; const CALLBACK_PARAMS_TO_CHECK = ['code', 'state', 'token', 'id_token']; const AUTH0_ENDPOINT = 'auth0.com'; + @Injectable() export class UrlService { constructor( From 3215a358e269f8629d536f1e2bb7350753eced88 Mon Sep 17 00:00:00 2001 From: FabianGosebrink Date: Tue, 20 Jul 2021 08:40:38 +0200 Subject: [PATCH 4/6] adding missing return type --- .../angular-auth-oidc-client/src/lib/utils/url/url.service.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/projects/angular-auth-oidc-client/src/lib/utils/url/url.service.ts b/projects/angular-auth-oidc-client/src/lib/utils/url/url.service.ts index 38870940f..3edd30624 100644 --- a/projects/angular-auth-oidc-client/src/lib/utils/url/url.service.ts +++ b/projects/angular-auth-oidc-client/src/lib/utils/url/url.service.ts @@ -529,7 +529,7 @@ export class UrlService { return authority.endsWith(AUTH0_ENDPOINT); } - private composeAuth0Endpoint(configId: string) { + private composeAuth0Endpoint(configId: string): string { // format: https://YOUR_DOMAIN/v2/logout?client_id=YOUR_CLIENT_ID&returnTo=LOGOUT_URL const { authority, clientId } = this.configurationProvider.getOpenIDConfiguration(configId); const postLogoutRedirectUrl = this.getPostLogoutRedirectUrl(configId); From 65b6b2ddd21233db8372484575c9b279629f9be1 Mon Sep 17 00:00:00 2001 From: damienbod Date: Tue, 20 Jul 2021 10:14:47 +0200 Subject: [PATCH 5/6] CHANGELOG --- CHANGELOG.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 636c5f8ca..72610f605 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -10,7 +10,9 @@ - [PR](https://github.com/damienbod/angular-auth-oidc-client/pull/1183) - Expose PopupService and PopupOptions as public - [PR](https://github.com/damienbod/angular-auth-oidc-client/pull/1199) - +- Support end session for Auth0 (non conform OIDC endpoint) + - [PR](https://github.com/damienbod/angular-auth-oidc-client/pull/1203) + ### 2021-07-06 12.0.1 - Fix #1168 userInfoEndpoint Typo From df00c93bbb22aafc38844a8f7706c79ef00c89c4 Mon Sep 17 00:00:00 2001 From: damienbod Date: Tue, 20 Jul 2021 10:15:14 +0200 Subject: [PATCH 6/6] CHANGELOG --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 72610f605..b239aae7f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,6 @@ ## Angular Lib for OpenID Connect/OAuth2 Changelog -### 2021-07-18 12.0.2 +### 2021-07-20 12.0.2 - Added fix overwriting prompt param - [PR](https://github.com/damienbod/angular-auth-oidc-client/pull/1193)