[jira] [Work logged] (KNOX-2972) Logout page URL may take query parameters
[ https://issues.apache.org/jira/browse/KNOX-2972?focusedWorklogId=887046=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-887046 ] ASF GitHub Bot logged work on KNOX-2972: Author: ASF GitHub Bot Created on: 24/Oct/23 17:21 Start Date: 24/Oct/23 17:21 Worklog Time Spent: 10m Work Description: smolnar82 merged PR #808: URL: https://github.com/apache/knox/pull/808 Issue Time Tracking --- Worklog Id: (was: 887046) Time Spent: 40m (was: 0.5h) > Logout page URL may take query parameters > - > > Key: KNOX-2972 > URL: https://issues.apache.org/jira/browse/KNOX-2972 > Project: Apache Knox > Issue Type: Improvement > Components: Homepage >Reporter: Sandor Molnar >Assignee: Sandor Molnar >Priority: Major > Fix For: 2.1.0 > > Time Spent: 40m > Remaining Estimate: 0h > > Currently, the logout page URL contains a hard-coded {{originalUrl}} that > points to the Knox Home page without any {{profile}} or {{topologies}} query > parameter. In some cases, it would be beneficial to pass any of those params > when logging out from the application. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Work logged] (KNOX-2972) Logout page URL may take query parameters
[ https://issues.apache.org/jira/browse/KNOX-2972?focusedWorklogId=886422=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-886422 ] ASF GitHub Bot logged work on KNOX-2972: Author: ASF GitHub Bot Created on: 20/Oct/23 14:07 Start Date: 20/Oct/23 14:07 Worklog Time Spent: 10m Work Description: smolnar82 commented on code in PR #808: URL: https://github.com/apache/knox/pull/808#discussion_r1367024906 ## gateway-service-session/src/main/java/org/apache/knox/gateway/service/session/SessionResource.java: ## @@ -66,15 +73,23 @@ public SessionInformation getSessionInformation() { } private String getBaseGatewayUrl(GatewayConfig config) { -return request.getRequestURL().substring(0, -request.getRequestURL().length() - request.getRequestURI().length()) + -"/" + config.getGatewayPath(); +return request.getRequestURL().substring(0, request.getRequestURL().length() - request.getRequestURI().length()) + "/" + config.getGatewayPath(); } - private String getLogoutPageUrl(GatewayConfig config) { -return getBaseGatewayUrl(config) + -"/knoxsso/knoxauth/logout.jsp?originalUrl=" + getBaseGatewayUrl(config) + -"/homepage/home"; + private String getLogoutPageUrl(GatewayConfig config, String logoutPageProfile, String logoutPageTopologies) { +if (baseLogoutPageUrl == null) { + baseLogoutPageUrl = getBaseGatewayUrl(config) + "/knoxsso/knoxauth/logout.jsp?originalUrl=" + getBaseGatewayUrl(config) + "/homepage/home"; Review Comment: It's always fixed; I just made sure not to re-calculate this string every time. Nothing changed since previous versions. Issue Time Tracking --- Worklog Id: (was: 886422) Time Spent: 0.5h (was: 20m) > Logout page URL may take query parameters > - > > Key: KNOX-2972 > URL: https://issues.apache.org/jira/browse/KNOX-2972 > Project: Apache Knox > Issue Type: Improvement > Components: Homepage >Reporter: Sandor Molnar >Assignee: Sandor Molnar >Priority: Major > Fix For: 2.1.0 > > Time Spent: 0.5h > Remaining Estimate: 0h > > Currently, the logout page URL contains a hard-coded {{originalUrl}} that > points to the Knox Home page without any {{profile}} or {{topologies}} query > parameter. In some cases, it would be beneficial to pass any of those params > when logging out from the application. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Work logged] (KNOX-2972) Logout page URL may take query parameters
[ https://issues.apache.org/jira/browse/KNOX-2972?focusedWorklogId=886415=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-886415 ] ASF GitHub Bot logged work on KNOX-2972: Author: ASF GitHub Bot Created on: 20/Oct/23 13:54 Start Date: 20/Oct/23 13:54 Worklog Time Spent: 10m Work Description: zeroflag commented on code in PR #808: URL: https://github.com/apache/knox/pull/808#discussion_r1367009273 ## gateway-service-session/src/main/java/org/apache/knox/gateway/service/session/SessionResource.java: ## @@ -66,15 +73,23 @@ public SessionInformation getSessionInformation() { } private String getBaseGatewayUrl(GatewayConfig config) { -return request.getRequestURL().substring(0, -request.getRequestURL().length() - request.getRequestURI().length()) + -"/" + config.getGatewayPath(); +return request.getRequestURL().substring(0, request.getRequestURL().length() - request.getRequestURI().length()) + "/" + config.getGatewayPath(); } - private String getLogoutPageUrl(GatewayConfig config) { -return getBaseGatewayUrl(config) + -"/knoxsso/knoxauth/logout.jsp?originalUrl=" + getBaseGatewayUrl(config) + -"/homepage/home"; + private String getLogoutPageUrl(GatewayConfig config, String logoutPageProfile, String logoutPageTopologies) { +if (baseLogoutPageUrl == null) { + baseLogoutPageUrl = getBaseGatewayUrl(config) + "/knoxsso/knoxauth/logout.jsp?originalUrl=" + getBaseGatewayUrl(config) + "/homepage/home"; Review Comment: Is the `knoxsso` part of the URL always fixed, or topology dependent? Issue Time Tracking --- Worklog Id: (was: 886415) Time Spent: 20m (was: 10m) > Logout page URL may take query parameters > - > > Key: KNOX-2972 > URL: https://issues.apache.org/jira/browse/KNOX-2972 > Project: Apache Knox > Issue Type: Improvement > Components: Homepage >Reporter: Sandor Molnar >Assignee: Sandor Molnar >Priority: Major > Fix For: 2.1.0 > > Time Spent: 20m > Remaining Estimate: 0h > > Currently, the logout page URL contains a hard-coded {{originalUrl}} that > points to the Knox Home page without any {{profile}} or {{topologies}} query > parameter. In some cases, it would be beneficial to pass any of those params > when logging out from the application. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Work logged] (KNOX-2972) Logout page URL may take query parameters
[ https://issues.apache.org/jira/browse/KNOX-2972?focusedWorklogId=886402=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-886402 ] ASF GitHub Bot logged work on KNOX-2972: Author: ASF GitHub Bot Created on: 20/Oct/23 13:14 Start Date: 20/Oct/23 13:14 Worklog Time Spent: 10m Work Description: smolnar82 opened a new pull request, #808: URL: https://github.com/apache/knox/pull/808 ## What changes were proposed in this pull request? Updated the `api/v1/sessioninfo` REST API endpoint in {{SessionResouce}} in a way such that it can generate a `logoutPageUrl` (used by the application logout link in Knox's logout flow) with `profile` and `topologies` query parameters in the `originalUrl` part. ## How was this patch tested? Using `curl`: 1. Without any query params: ``` $ curl -ik --cookie "hadoop-jwt=eyJra...APA" -X GET "https://localhost:8443/gateway/homepage/session/api/v1/sessioninfo; HTTP/1.1 200 OK Date: Fri, 20 Oct 2023 10:47:30 GMT X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1;mode=block Content-Type: application/xml Content-Length: 574 admin https://localhost:8443/gateway/homepage/knoxssout/api/v1/webssout https://localhost:8443/gateway/knoxsso/knoxauth/logout.jsp?originalUrl=https://localhost:8443/gateway/homepage/home https://dev-p8gzwjyj66yvfble.eu.auth0.com/oidc/logout true 40005574-61f2-4507-aa9f-0171b787ed4c ``` 2. Only with the `logoutPageProfile` param: ``` $ curl -ik --cookie "hadoop-jwt=eyJra...APA" -X GET "https://localhost:8443/gateway/homepage/session/api/v1/sessioninfo?logoutPageProfile=token; HTTP/1.1 200 OK Date: Fri, 20 Oct 2023 10:48:05 GMT X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1;mode=block Content-Type: application/xml Content-Length: 588 admin https://localhost:8443/gateway/homepage/knoxssout/api/v1/webssout https://localhost:8443/gateway/knoxsso/knoxauth/logout.jsp?originalUrl=https://localhost:8443/gateway/homepage/home%3Fprofile=token https://dev-p8gzwjyj66yvfble.eu.auth0.com/oidc/logout true 40005574-61f2-4507-aa9f-0171b787ed4c ``` 3. Only with the `logoutPageTopologies` param: ``` $ curl -ik --cookie "hadoop-jwt=eyJra...APA" -X GET "https://localhost:8443/gateway/homepage/session/api/v1/sessioninfo?logoutPageTopologies=sandbox; HTTP/1.1 200 OK Date: Fri, 20 Oct 2023 10:48:52 GMT X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1;mode=block Content-Type: application/xml Content-Length: 593 admin https://localhost:8443/gateway/homepage/knoxssout/api/v1/webssout https://localhost:8443/gateway/knoxsso/knoxauth/logout.jsp?originalUrl=https://localhost:8443/gateway/homepage/home%3Ftopologies=sandbox https://dev-p8gzwjyj66yvfble.eu.auth0.com/oidc/logout true 40005574-61f2-4507-aa9f-0171b787ed4c ``` 4. Both with 'logoutPageProfile' and `logoutPageTopologies` params: ``` $ curl -ik --cookie "hadoop-jwt=eyJra...APA" -X GET "https://localhost:8443/gateway/homepage/session/api/v1/sessioninfo?logoutPageTopologies=sandbox=full; HTTP/1.1 200 OK Date: Fri, 20 Oct 2023 08:07:26 GMT X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1;mode=block Content-Type: application/xml Content-Length: 610 admin https://localhost:8443/gateway/homepage/knoxssout/api/v1/webssout https://localhost:8443/gateway/knoxsso/knoxauth/logout.jsp?originalUrl=https://localhost:8443/gateway/homepage/home%3Fprofile=full%26topologies=sandbox https://dev-p8gzwjyj66yvfble.eu.auth0.com/oidc/logout true 40005574-61f2-4507-aa9f-0171b787ed4c ``` I also tested the entire flow by temporarily modifying the `home` application. I updated the [sessionUrl](https://github.com/apache/knox/blob/master/knox-homepage-ui/home/app/homepage.service.ts#L33) variable: ``` sessionUrl = this.topologyContext + 'session/api/v1/sessioninfo' ``` became ``` sessionUrl = this.topologyContext + 'session/api/v1/sessioninfo?logoutPageProfile=token=sandbox' ``` After I redeployed Knox I confirmed that I got the correct link on the logout page and after clicking the `Return to Application` link and logging in again, the given query parameters were applied. https://github.com/apache/knox/assets/34065904/43e20f67-0f26-47e6-b1d6-757c507a7b9c;> https://github.com/apache/knox/assets/34065904/996bdb8a-0418-4138-84cc-45a52bd77f10;> https://github.com/apache/knox/assets/34065904/2a0fb66f-227f-4055-8407-7446418cc621;> Issue Time Tracking --- Worklog Id: (was: 886402) Remaining Estimate: 0h Time Spent: 10m > Logout page URL may take query parameters >