investigative logs for pizza

api.planx.uk/modules/auth/controller.ts

@@ -14,9 +14,21 @@ export const logout: RequestHandler = (req, res) => {
   console.log("And the user specifically...");
   console.log(req.user);
 
+  const sid = req.query.sid;
+  const iss = req.query.iss;
+
+  console.log("SID: ", sid);
+  console.log("ISS: ", iss);
+
+  // split redirect for Microsoft front channel vs. internal logout (for former, return 200!)
+  if (req.query.sid) {
+    res.status(200).send("Logged out");
+  }
+
   req.logout(() => {
     // do nothing
   });
+
   res.redirect(process.env.EDITOR_URL_EXT!);
 };
 

api.planx.uk/modules/auth/routes.ts

@@ -7,6 +7,7 @@ export default (passport: Authenticator): Router => {
   const router = Router();
 
   router.get("/logout", Controller.logout);
+  // router.get("/auth/frontchannel-logout", Controller.frontChannelLogout)
   router.get("/auth/login/failed", Controller.failedLogin);
   router.get("/auth/google", Middleware.getGoogleAuthHandler(passport));
   router.get(

api.planx.uk/modules/auth/strategy/microsoft-oidc.ts

@@ -36,6 +36,10 @@ export const getMicrosoftOidcStrategy = (client: Client): Strategy<Client> => {
       // TODO: use tokenSet.state to pass the redirectTo query param through the auth flow
 
       const claims = tokenSet.claims();
+
+      console.log("claims:")
+      console.log(claims)
+
       const email = claims.email;
       const returned_nonce = claims.nonce;