From da473602240d58b287444a25f3b323b948c92a66 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thibault=20L=C3=A9cuyer?= <github@privateco.net>
Date: Thu, 2 Mar 2023 13:36:06 +0100
Subject: [PATCH] Call /oidc/logout/ before logging in to ensure there is no
 session left on taiga-back

---
 front/coffee/oidc_auth.coffee | 31 +++++++++++++++++--------------
 1 file changed, 17 insertions(+), 14 deletions(-)

diff --git a/front/coffee/oidc_auth.coffee b/front/coffee/oidc_auth.coffee
index d5f7f9d..8cec7f8 100644
--- a/front/coffee/oidc_auth.coffee
+++ b/front/coffee/oidc_auth.coffee
@@ -1,6 +1,6 @@
 module = angular.module('taigaContrib.oidcAuth', [])
 
-OIDCLoginButtonDirective = ($window, $params, $location, $config, $events, $confirm, $auth, $navUrls, $loader, $rootScope) ->
+OIDCLoginButtonDirective = ($window, $params, $location, $config, $events, $confirm, $auth, $navUrls, $loader, $rootScope, $tgHttp) ->
     # Login or register a user with their OIDC account.
 
     link = ($scope, $el, $attrs) ->
@@ -65,18 +65,21 @@ OIDCLoginButtonDirective = ($window, $params, $location, $config, $events, $conf
         loginWithOIDCAccount()
 
         $el.on "click", ".button-auth", (event) ->
-            if $params.next and $params.next != $navUrls.resolve("login")
-                nextUrl = $params.next
-            else
-                nextUrl = $navUrls.resolve("home")
-            base_url = $config.get("api", "/api/v1/").split('/').slice(0, -3).join("/")
-            url = urljoin(
-                base_url,
-                $config.get("oidcMountPoint", "/oidc"),
-                "authenticate/"
-            )
-            url += "?next=" + nextUrl
-            $window.location.href = url
+            $tgHttp.post("/oidc/logout/").then (r) ->
+                if $params.next and $params.next != $navUrls.resolve("login")
+                    nextUrl = $params.next
+                else
+                    nextUrl = $navUrls.resolve("home")
+                base_url = $config.get("api", "/api/v1/").split('/').slice(0, -3).join("/")
+                url = urljoin(
+                    base_url,
+                    $config.get("oidcMountPoint", "/oidc"),
+                    "authenticate/"
+                )
+                url += "?next=" + nextUrl
+                $window.location.href = url
+            .catch (e) ->
+                console.error("failed logging out: #{ e }")
 
         $scope.$on "$destroy", ->
             $el.off()
@@ -93,5 +96,5 @@ OIDCLoginButtonDirective = ($window, $params, $location, $config, $events, $conf
 
 module.directive("tgOidcLoginButton", [
    "$window", '$routeParams', "$tgLocation", "$tgConfig", "$tgEvents",
-   "$tgConfirm", "$tgAuth", "$tgNavUrls", "tgLoader", "$rootScope",
+   "$tgConfirm", "$tgAuth", "$tgNavUrls", "tgLoader", "$rootScope", "$tgHttp",
    OIDCLoginButtonDirective])