[ https://issues.apache.org/jira/browse/KNOX-2972?focusedWorklogId=886402&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-886402 ]
ASF GitHub Bot logged work on KNOX-2972:
----------------------------------------

Author: ASF GitHub Bot
Created on: 20/Oct/23 13:14
Start Date: 20/Oct/23 13:14
Worklog Time Spent: 10m
Work Description: smolnar82 opened a new pull request, #808:
URL: https://github.com/apache/knox/pull/808

## What changes were proposed in this pull request?

Updated the `api/v1/sessioninfo` REST API endpoint in {{SessionResource}} in a way such that it can generate a `logoutPageUrl` (used by the application logout link in Knox's logout flow) with `profile` and `topologies` query parameters in the `originalUrl` part.

## How was this patch tested?

Using `curl`:

1. Without any query params:
```
$ curl -ik --cookie "hadoop-jwt=eyJra...APA" -X GET "https://localhost:8443/gateway/homepage/session/api/v1/sessioninfo"
HTTP/1.1 200 OK
Date: Fri, 20 Oct 2023 10:47:30 GMT
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1;mode=block
Content-Type: application/xml
Content-Length: 574

<?xml version="1.0" encoding="UTF-8"?>
<sessioninfo>
   <user>admin</user>
   <logoutUrl>https://localhost:8443/gateway/homepage/knoxssout/api/v1/webssout</logoutUrl>
   <logoutPageUrl>https://localhost:8443/gateway/knoxsso/knoxauth/logout.jsp?originalUrl=https://localhost:8443/gateway/homepage/home</logoutPageUrl>
   <globalLogoutPageUrl>https://dev-p8gzwjyj66yvfble.eu.auth0.com/oidc/logout</globalLogoutPageUrl>
   <canSeeAllTokens>true</canSeeAllTokens>
   <currentKnoxSsoCookieTokenId>40005574-61f2-4507-aa9f-0171b787ed4c</currentKnoxSsoCookieTokenId>
</sessioninfo>
```

2. Only with the `logoutPageProfile` param:
```
$ curl -ik --cookie "hadoop-jwt=eyJra...APA" -X GET "https://localhost:8443/gateway/homepage/session/api/v1/sessioninfo?logoutPageProfile=token"
HTTP/1.1 200 OK
Date: Fri, 20 Oct 2023 10:48:05 GMT
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1;mode=block
Content-Type: application/xml
Content-Length: 588

<?xml version="1.0" encoding="UTF-8"?>
<sessioninfo>
   <user>admin</user>
   <logoutUrl>https://localhost:8443/gateway/homepage/knoxssout/api/v1/webssout</logoutUrl>
   <logoutPageUrl>https://localhost:8443/gateway/knoxsso/knoxauth/logout.jsp?originalUrl=https://localhost:8443/gateway/homepage/home%3Fprofile=token</logoutPageUrl>
   <globalLogoutPageUrl>https://dev-p8gzwjyj66yvfble.eu.auth0.com/oidc/logout</globalLogoutPageUrl>
   <canSeeAllTokens>true</canSeeAllTokens>
   <currentKnoxSsoCookieTokenId>40005574-61f2-4507-aa9f-0171b787ed4c</currentKnoxSsoCookieTokenId>
</sessioninfo>
```

3. Only with the `logoutPageTopologies` param:
```
$ curl -ik --cookie "hadoop-jwt=eyJra...APA" -X GET "https://localhost:8443/gateway/homepage/session/api/v1/sessioninfo?logoutPageTopologies=sandbox"
HTTP/1.1 200 OK
Date: Fri, 20 Oct 2023 10:48:52 GMT
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1;mode=block
Content-Type: application/xml
Content-Length: 593

<?xml version="1.0" encoding="UTF-8"?>
<sessioninfo>
   <user>admin</user>
   <logoutUrl>https://localhost:8443/gateway/homepage/knoxssout/api/v1/webssout</logoutUrl>
   <logoutPageUrl>https://localhost:8443/gateway/knoxsso/knoxauth/logout.jsp?originalUrl=https://localhost:8443/gateway/homepage/home%3Ftopologies=sandbox</logoutPageUrl>
   <globalLogoutPageUrl>https://dev-p8gzwjyj66yvfble.eu.auth0.com/oidc/logout</globalLogoutPageUrl>
   <canSeeAllTokens>true</canSeeAllTokens>
   <currentKnoxSsoCookieTokenId>40005574-61f2-4507-aa9f-0171b787ed4c</currentKnoxSsoCookieTokenId>
</sessioninfo>
```

4. With both `logoutPageProfile` and `logoutPageTopologies` params:
```
$ curl -ik --cookie "hadoop-jwt=eyJra...APA" -X GET "https://localhost:8443/gateway/homepage/session/api/v1/sessioninfo?logoutPageTopologies=sandbox&logoutPageProfile=full"
HTTP/1.1 200 OK
Date: Fri, 20 Oct 2023 08:07:26 GMT
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1;mode=block
Content-Type: application/xml
Content-Length: 610

<?xml version="1.0" encoding="UTF-8"?>
<sessioninfo>
   <user>admin</user>
   <logoutUrl>https://localhost:8443/gateway/homepage/knoxssout/api/v1/webssout</logoutUrl>
   <logoutPageUrl>https://localhost:8443/gateway/knoxsso/knoxauth/logout.jsp?originalUrl=https://localhost:8443/gateway/homepage/home%3Fprofile=full%26topologies=sandbox</logoutPageUrl>
   <globalLogoutPageUrl>https://dev-p8gzwjyj66yvfble.eu.auth0.com/oidc/logout</globalLogoutPageUrl>
   <canSeeAllTokens>true</canSeeAllTokens>
   <currentKnoxSsoCookieTokenId>40005574-61f2-4507-aa9f-0171b787ed4c</currentKnoxSsoCookieTokenId>
</sessioninfo>
```

I also tested the entire flow by temporarily modifying the `home` application. I updated the [sessionUrl](https://github.com/apache/knox/blob/master/knox-homepage-ui/home/app/homepage.service.ts#L33) variable:
```
sessionUrl = this.topologyContext + 'session/api/v1/sessioninfo'
```
became
```
sessionUrl = this.topologyContext + 'session/api/v1/sessioninfo?logoutPageProfile=token&logoutPageTopologies=sandbox'
```

After I redeployed Knox, I confirmed that I got the correct link on the logout page and, after clicking the `Return to Application` link and logging in again, the given query parameters were applied.
<img width="1787" alt="Screenshot 2023-10-20 at 15 12 42" src="https://github.com/apache/knox/assets/34065904/43e20f67-0f26-47e6-b1d6-757c507a7b9c">
<img width="1784" alt="Screenshot 2023-10-20 at 15 13 53" src="https://github.com/apache/knox/assets/34065904/996bdb8a-0418-4138-84cc-45a52bd77f10">
<img width="1787" alt="Screenshot 2023-10-20 at 15 14 13" src="https://github.com/apache/knox/assets/34065904/2a0fb66f-227f-4055-8407-7446418cc621">

Issue Time Tracking
-------------------

Worklog Id: (was: 886402)
Remaining Estimate: 0h
Time Spent: 10m

> Logout page URL may take query parameters
> -----------------------------------------
>
> Key: KNOX-2972
> URL: https://issues.apache.org/jira/browse/KNOX-2972
> Project: Apache Knox
> Issue Type: Improvement
> Components: Homepage
> Reporter: Sandor Molnar
> Assignee: Sandor Molnar
> Priority: Major
> Fix For: 2.1.0
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> Currently, the logout page URL contains a hard-coded {{originalUrl}} that
> points to the Knox Home page without any {{profile}} or {{topologies}} query
> parameter. In some cases, it would be beneficial to pass any of those params
> when logging out from the application.

--
This message was sent by Atlassian Jira (v8.20.10#820010)
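
The `%3F` and `%26` in the `logoutPageUrl` values quoted above are what keep `profile` and `topologies` inside `originalUrl` instead of attaching to `logout.jsp`. The following check is an added example, not part of the original message or the Knox code base; `inspectLogoutPageUrl` and `expectedOrigin` are hypothetical names, the first sample URL is taken from case 4 above, and the second is constructed for contrast.

```javascript
// Added example (not Knox code): inspect a logoutPageUrl returned by sessioninfo.

// Decode the nested originalUrl and report what the "Return to Application"
// link would carry. expectedOrigin (hypothetical parameter) is the gateway
// origin the caller trusts.
function inspectLogoutPageUrl(logoutPageUrl, expectedOrigin) {
  const outer = new URL(logoutPageUrl);
  // searchParams percent-decodes once, turning %3F / %26 back into ? / &.
  const original = outer.searchParams.get('originalUrl');
  if (original === null) {
    throw new Error('logoutPageUrl has no originalUrl parameter');
  }
  const inner = new URL(original);
  return {
    // Parameters that ended up on logout.jsp itself; only originalUrl is expected.
    outerParams: [...outer.searchParams.keys()],
    originalUrl: inner.href,
    // Both the logout page and the return target must stay on the gateway.
    sameOrigin: outer.origin === expectedOrigin && inner.origin === expectedOrigin,
    profile: inner.searchParams.get('profile'),
    topologies: inner.searchParams.get('topologies'),
  };
}

const GATEWAY = 'https://localhost:8443';
const BASE = GATEWAY + '/gateway/knoxsso/knoxauth/logout.jsp?originalUrl=' +
  GATEWAY + '/gateway/homepage/home';

// Case 4 from the message: '?' and '&' of the inner URL are percent-encoded.
const encoded = inspectLogoutPageUrl(
  BASE + '%3Fprofile=full%26topologies=sandbox', GATEWAY);

// Constructed counter-example: the inner '&' is left raw, so topologies
// becomes a parameter of logout.jsp and is lost from originalUrl.
const unencoded = inspectLogoutPageUrl(
  BASE + '%3Fprofile=full&topologies=sandbox', GATEWAY);

console.log(encoded, unencoded);
```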