fix(oauth): change default microsoft logout url [EE-2044] (#6324)

2022-01-16 08:58:24 +02:00 · 2022-01-16 08:58:24 +02:00 · edf048570b
parent b71ca2afb0
commit edf048570b
2 changed files with 9 additions and 4 deletions
--- a/app/portainer/oauth/components/oauth-settings/oauth-settings.controller.js
+++ b/app/portainer/oauth/components/oauth-settings/oauth-settings.controller.js
@ -3,6 +3,8 @@ import { isLimitedToBE } from '@/portainer/feature-flags/feature-flags.service';
 import { FeatureId } from '@/portainer/feature-flags/enums';
 import providers, { getProviderByUrl } from './providers';

+const MS_TENANT_ID_PLACEHOLDER = 'TENANT_ID';
+
 export default class OAuthSettingsController {
  /* @ngInject */
  constructor($scope) {
@ -28,11 +30,12 @@ export default class OAuthSettingsController {
  }

  onMicrosoftTenantIDChange() {
-    const tenantID = this.state.microsoftTenantID;
+    const tenantID = this.state.microsoftTenantID || MS_TENANT_ID_PLACEHOLDER;

    this.settings.AuthorizationURI = `https://login.microsoftonline.com/${tenantID}/oauth2/authorize`;
    this.settings.AccessTokenURI = `https://login.microsoftonline.com/${tenantID}/oauth2/token`;
    this.settings.ResourceURI = `https://graph.windows.net/${tenantID}/me?api-version=2013-11-08`;
+    this.settings.LogoutURI = `https://login.microsoftonline.com/${tenantID}/oauth2/logout`;
  }

  useDefaultProviderConfiguration(providerId) {
@ -123,8 +126,10 @@ export default class OAuthSettingsController {
      this.state.provider = getProviderByUrl(authUrl);
      if (this.state.provider === 'microsoft') {
        const tenantID = authUrl.match(/login.microsoftonline.com\/(.*?)\//)[1];
-        this.state.microsoftTenantID = tenantID;
-        this.onMicrosoftTenantIDChange();
+        if (tenantID !== MS_TENANT_ID_PLACEHOLDER) {
+          this.state.microsoftTenantID = tenantID;
+          this.onMicrosoftTenantIDChange();
+        }
      }
    }

--- a/app/portainer/oauth/components/oauth-settings/providers.js
+++ b/app/portainer/oauth/components/oauth-settings/providers.js
@ -5,7 +5,7 @@ export default {
    authUrl: 'https://login.microsoftonline.com/TENANT_ID/oauth2/authorize',
    accessTokenUrl: 'https://login.microsoftonline.com/TENANT_ID/oauth2/token',
    resourceUrl: 'https://graph.windows.net/TENANT_ID/me?api-version=2013-11-08',
-    logoutUrl: `https://login.microsoftonline.com/common/oauth2/v2.0/logout?post_logout_redirect_uri=${window.location.origin}${baseHref()}#!/auth`,
+    logoutUrl: `https://login.microsoftonline.com/TENANT_ID/oauth2/logout`,
    userIdentifier: 'userPrincipalName',
    scopes: 'id,email,name',
  },