Skip to content

Commit

Permalink
Merge pull request #34 from vshn/fix/logout
Browse files Browse the repository at this point in the history 
Fix logout call to not use privileged endpoint
  • Loading branch information
@glrf
glrf authored Jun 17, 2022
2 parents 834a16b + b24be52 commit e7751bd
Show file tree
Hide file tree
Showing 4 changed files with 15 additions and 11 deletions.
12 changes: 6 additions & 6 deletions keycloak/ZZ_mock_gocloak_test.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 3 additions & 2 deletions keycloak/client.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -114,7 +114,7 @@ func (errs *MembershipSyncErrors) Error() string {
// This keeps the mock at a more reasonable size
type GoCloak interface {
LoginAdmin(ctx context.Context, username, password, realm string) (*gocloak.JWT, error)
LogoutUserSession(ctx context.Context, accessToken, realm, session string) error
LogoutPublicClient(ctx context.Context, clientID, realm, accessToken, refreshToken string) error

CreateGroup(ctx context.Context, accessToken, realm string, group gocloak.Group) (string, error)
CreateChildGroup(ctx context.Context, accessToken, realm, groupID string, group gocloak.Group) (string, error)
Expand Down Expand Up @@ -302,7 +302,8 @@ func (c Client) login(ctx context.Context) (*gocloak.JWT, error) {
}

func (c Client) logout(ctx context.Context, token *gocloak.JWT) error {
return c.Client.LogoutUserSession(ctx, token.AccessToken, c.loginRealm(), token.SessionState)
// `admin-cli` is the client used when authenticating to the admin API
return c.Client.LogoutPublicClient(ctx, "admin-cli", c.loginRealm(), token.AccessToken, token.RefreshToken)
}

func (c Client) getGroup(ctx context.Context, token *gocloak.JWT, toSearch Group) (*gocloak.Group, error) {
Expand Down
6 changes: 4 additions & 2 deletions keycloak/client_login_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,10 +26,11 @@ func TestLogin(t *testing.T) {
Return(&gocloak.JWT{
SessionState: "session",
AccessToken: "token",
RefreshToken: "refresh",
}, nil).
AnyTimes()
mKeycloak.EXPECT().
LogoutUserSession(gomock.Any(), "token", "target-realm", "session").
LogoutPublicClient(gomock.Any(), "admin-cli", "target-realm", "token", "refresh").
Return(nil).
AnyTimes()

Expand All @@ -55,10 +56,11 @@ func TestLogin_WithLoginRealm(t *testing.T) {
Return(&gocloak.JWT{
SessionState: "session",
AccessToken: "token",
RefreshToken: "refresh",
}, nil).
AnyTimes()
mKeycloak.EXPECT().
LogoutUserSession(gomock.Any(), "token", "login-realm", "session").
LogoutPublicClient(gomock.Any(), "admin-cli", "login-realm", "token", "refresh").
Return(nil).
AnyTimes()

Expand Down
3 changes: 2 additions & 1 deletion keycloak/suite_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,10 +15,11 @@ func mockLogin(mgc *MockGoCloak, c Client) {
Return(&gocloak.JWT{
SessionState: "session",
AccessToken: "token",
RefreshToken: "refresh",
}, nil).
AnyTimes()
mgc.EXPECT().
LogoutUserSession(gomock.Any(), "token", c.Realm, "session").
LogoutPublicClient(gomock.Any(), "admin-cli", c.Realm, "token", "refresh").
Return(nil).
AnyTimes()
}
Expand Down

0 comments on commit e7751bd

Please sign in to comment.