[fix] Logout on sso if needed

2024-09-03 19:55:57 +02:00 · 2023-12-04 16:18:11 +01:00 · 2023-12-04 16:18:11 +01:00 · 8d96380199
commit 8d96380199
parent 76fb4fbc9e
4 changed files with 39 additions and 22 deletions
--- a/manifest.toml
+++ b/manifest.toml
@ -5,7 +5,7 @@ name = "Nextcloud"
 description.en = "Online storage, file sharing platform and various other applications"
 description.fr = "Stockage en ligne, plateforme de partage de fichiers et diverses autres applications"

-version = "27.1.4~ynh1"
+version = "27.1.4~ynh2"

 maintainers = ["kay0u"]

@ -77,4 +77,4 @@ ram.runtime = "512M"

    [resources.database]
    type = "mysql"
-    
+    
--- a/scripts/install
+++ b/scripts/install
@ -185,12 +185,13 @@ fi
 #=================================================

 # Add dynamic logout URL to the config
+url_base64="$(echo -n "https://$domain$path" | base64)"
 exec_occ config:system:get logout_url >/dev/null 2>&1 \
  || echo "
 //-YunoHost-
 // set logout_url according to main domain
 \$main_domain = exec('cat /etc/yunohost/current_host');
-\$CONFIG['logout_url'] = 'https://'.\$main_domain.'/yunohost/sso/?action=logout';
+\$CONFIG['logout_url'] = 'https://'.\$main_domain.'/yunohost/sso/?action=logout&r=${url_base64}';
 //-YunoHost-
 " >> "$install_dir/config/config.php"

--- a/scripts/upgrade
+++ b/scripts/upgrade
@ -117,10 +117,10 @@ exec_occ() {
    else
        NEXTCLOUD_PHP_VERSION="7.1"
    fi
-    if ! timeout 1 php$NEXTCLOUD_PHP_VERSION 2>/dev/null; then
+    if ! timeout 1 php$NEXTCLOUD_PHP_VERSION &>/dev/null; then
        local pkg_dependencies="$(dpkg-query --show --showformat='${Depends}' ${app}-ynh-deps)"
        pkg_dependencies="${pkg_dependencies/$phpversion/$NEXTCLOUD_PHP_VERSION}"
-        ynh_install_app_dependencies "$pkg_dependencies"
+        ynh_install_app_dependencies "$pkg_dependencies" > /dev/null
    fi 
 (cd "$install_dir" && ynh_exec_as "$app" \
    php$NEXTCLOUD_PHP_VERSION --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@")
@ -299,14 +299,19 @@ EOF
    #=================================================

    # Add dynamic logout URL to the config
-    exec_occ config:system:get logout_url >/dev/null 2>&1 \
-    || echo "
+    url_base64="$(echo -n "https://$domain$path" | base64)"
+    old_logout_url="https://$(cat /etc/yunohost/current_host)/yunohost/sso/?action=logout"
+    current_logout_url="$(exec_occ config:system:get logout_url 2> /dev/null)"
+    if [[ "$current_logout_url" == "${old_logout_url}" ]] || [[ "$current_logout_url" == "" ]]
+    then
+        echo "
    //-YunoHost-
    // set logout_url according to main domain
-    \$main_domain = exec('cat /etc/yunohost/current_host');
-    \$CONFIG['logout_url'] = 'https://'.\$main_domain.'/yunohost/sso/?action=logout';
+    \$main_domain = file_get_contents('/etc/yunohost/current_host');
+    \$CONFIG['logout_url'] = 'https://'.\$main_domain.'/yunohost/sso/?action=logout&r=${url_base64}';
    //-YunoHost-
-    " >> "$install_dir/config/config.php"
+        " >> "$install_dir/config/config.php"
+    fi

    #=================================================
    # CHANGE HOSTNAME FOR ACTIVITY NOTIFICATIONS
--- a/sources/patches_last_version/app-00-add-logout_url-conf.patch
+++ b/sources/patches_last_version/app-00-add-logout_url-conf.patch
@ -1,20 +1,31 @@
-diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php
-index 13aef8f67a..55d8dbf9d1 100644
--- a/core/Controller/LoginController.php
-+++ b/core/Controller/LoginController.php
-@@ -119,11 +119,12 @@ class LoginController extends Controller {
+diff --git a/root/LoginController.php b/var/www/nextcloud/core/Controller/LoginController.php
+index aa6617c..eb47b80 100644
+--- a/root/LoginController.php
+++ b/var/www/nextcloud/core/Controller/LoginController.php
+@@ -111,16 +111,20 @@ class LoginController extends Controller {
+ 	#[UseSession]
+ 	public function logout() {
+ 		$loginToken = $this->request->getCookie('nc_token');
+		$uuidUser = $this->userSession->getUser()->getUID();
+                $isLdapUser = $this->config->getUserValue($uuidUser, 'user_ldap', 'uid');
+ 		if (!is_null($loginToken)) {
+-			$this->config->deleteUserValue($this->userSession->getUser()->getUID(), 'login_token', $loginToken);
+			$this->config->deleteUserValue($uuidUser, 'login_token', $loginToken);
 		}
 		$this->userSession->logout();
- 
+-
 -		$response = new RedirectResponse($this->urlGenerator->linkToRouteAbsolute(
 -			'core.login.showLoginForm',
-			['clear' => true] // this param the the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers
-+		$redirectUrl = $this->config->getSystemValue('logout_url',
-+			$this->urlGenerator->linkToRouteAbsolute(
-+				'core.login.showLoginForm',
-+				['clear' => true] // this param the the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers)
- 		));
+-			['clear' => true] // this param the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers
+-		));
 -
+		$redirectUrl = $this->urlGenerator->linkToRouteAbsolute(
+				'core.login.showLoginForm',
+				['clear' => true] // this param the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers)
+		);
+		if (!is_null($isLdapUser)) {
+		    $redirectUrl = $this->config->getSystemValue('logout_url', $redirectUrl);
+		}
 +		$response = new RedirectResponse($redirectUrl);
 		$this->session->set('clearingExecutionContexts', '1');
 		$this->session->close();