Feat(BE-69,70,71,72,73): crud and integration sso with lti, revoke_token

ragilap
2025-10-21 20:31:10 +07:00
parent e239246d02
commit ab8c5d2ec4
6 changed files with 119 additions and 16 deletions
@@ -105,9 +105,9 @@ func (h *Controller) Start(c *fiber.Ctx) error {
query.Set("code_challenge", challenge)
query.Set("code_challenge_method", "S256")
query.Set("nonce", nonce)
if prompt := strings.TrimSpace(cfg.Prompt); prompt != "" {
query.Set("prompt", prompt)
}
// if prompt := strings.TrimSpace(cfg.Prompt); prompt != "" {
// query.Set("prompt", prompt)
// }
if extraPrompt := strings.TrimSpace(c.Query("prompt")); extraPrompt != "" {
query.Set("prompt", extraPrompt)
}
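Review bot: With the `cfg.Prompt` block commented out, the only source of the OIDC `prompt` parameter is the caller-supplied `c.Query("prompt")`, which is forwarded to the authorization request without validation. The +/- markers are lost on this page, but the hunk counts imply the live block was replaced by the commented copy. A client configured with `prompt=login` to force re-authentication silently stops sending it, so either restore the configured default or delete the dead comment and document that `cfg.Prompt` is no longer honoured. The request value should also be checked against the values OpenID Connect defines before it is used, e.g. `switch extraPrompt { case "none", "login", "consent", "select_account": query.Set("prompt", extraPrompt) }`. Start's body begins and ends outside the hunk.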
@@ -323,7 +323,6 @@ func (h *Controller) Logout(c *fiber.Ctx) error {
if requestedAlias == "" {
requestedAlias = normalizeClientParam(c.Query("client_id"))
}
var (
alias string
cfg config.SSOClientConfig
@@ -343,7 +342,6 @@ func (h *Controller) Logout(c *fiber.Ctx) error {
if refreshName != "" {
refreshToken = strings.TrimSpace(c.Cookies(refreshName))
}
hadAccessCookie := accessToken != ""
hadRefreshCookie := refreshToken != ""
@@ -362,6 +360,11 @@ func (h *Controller) Logout(c *fiber.Ctx) error {
if verification, err := sso.VerifyAccessToken(accessToken); err != nil {
utils.Log.WithError(err).Warn("failed to verify access token during logout")
} else {
if revoker := session.GetRevocationStore(); revoker != nil {
if err := revoker.MarkUserLogout(c.Context(), verification.UserID, time.Now().UTC()); err != nil {
utils.Log.WithError(err).Warn("failed to mark user logout")
}
}
h.revokeToken(c.Context(), accessToken, verification)
}
}
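Review bot: `MarkUserLogout` sits in the `else` branch, so the per-user logout marker is written only when `VerifyAccessToken` succeeds; a logout that arrives with an expired or missing access cookie but a live refresh cookie marks nothing. A store failure is also only logged at Warn while the logout carries on, so revocation fails open without the caller or an operator noticing. If the refresh-token handling later in Logout (outside this hunk) can identify the user, the marker should be written there too, and the failure logged at Error so it can be alerted on. At minimum add `// NOTE: the logout marker is only written when the access token verifies; an expired access token leaves no marker` above the `if revoker := …` line.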
@@ -450,6 +453,12 @@ func issueCookies(c *fiber.Ctx, tokenResp struct {
Error string `json:"error"`
Description string `json:"error_description"`
}, verification *sso.VerificationResult) {
if revoker := session.GetRevocationStore(); revoker != nil && verification != nil {
if err := revoker.ClearUserLogout(c.Context(), verification.UserID); err != nil {
utils.Log.WithError(err).Warn("failed to clear logout marker")
}
}
accessName := resolveSSOCookieName(config.SSOAccessCookieName, "access")
refreshName := resolveSSOCookieName(config.SSORefreshCookieName, "refresh")
maxAge := tokenResp.ExpiresIn
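Review bot: Clearing the logout marker on every call to issueCookies may re-validate tokens the marker was meant to reject: if the revocation check is "a marker exists for this user" rather than "the token was issued before the logout time", an access token issued before logout and still unexpired is accepted again as soon as the user signs in. The check itself is not visible here, so this needs confirming against the code that reads the store. A safer shape is to keep the timestamp written by `MarkUserLogout`, compare it with the token's `iat`, and let the marker expire after the maximum token lifetime instead of calling `ClearUserLogout`. The clear also runs before any cookie is set and for every caller of issueCookies, which may include the refresh flow; the function body continues outside the hunk. A doc comment on issueCookies stating that it resets the user's revocation state would make this side effect visible to callers.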