From 595be63be6ff89dc72edeea8cb451e5889a0ac71 Mon Sep 17 00:00:00 2001
From: vincent porte <vincent@neuralia.co>
Date: Tue, 17 Oct 2023 16:16:58 +0200
Subject: [PATCH] (inclusion_connect) make logout compliant with new django
 Inclusion Connect

---
 .../inclusion_connect/tests/tests_views.py    | 20 +++++++------------
 lacommunaute/inclusion_connect/views.py       | 14 +++----------
 2 files changed, 10 insertions(+), 24 deletions(-)

diff --git a/lacommunaute/inclusion_connect/tests/tests_views.py b/lacommunaute/inclusion_connect/tests/tests_views.py
index 8e84a2bd8..e82c9dc2b 100644
--- a/lacommunaute/inclusion_connect/tests/tests_views.py
+++ b/lacommunaute/inclusion_connect/tests/tests_views.py
@@ -189,21 +189,15 @@ def test_normal_signin(self):
 
 class InclusionConnectLogoutTest(InclusionConnectBaseTestCase):
     @respx.mock
-    def test_simple_logout(self):
+    def test_logout_with_redirection(self):
         mock_oauth_dance(self)
+        params = {
+            "id_token_hint": 123456,
+            "post_logout_redirect_uri": f'http://testserver{reverse("pages:home")}',
+        }
+        expected_redirection = f"{constants.INCLUSION_CONNECT_ENDPOINT_LOGOUT}?{urlencode(params)}"
         respx.get(constants.INCLUSION_CONNECT_ENDPOINT_LOGOUT).respond(200)
         logout_url = reverse("inclusion_connect:logout")
         response = self.client.get(logout_url)
-        self.assertRedirects(response, reverse("pages:home"))
         self.assertFalse(auth.get_user(self.client).is_authenticated)
-
-    @respx.mock
-    def test_logout_with_redirection(self):
-        mock_oauth_dance(self)
-        expected_redirection = reverse("pages:home")
-        respx.get(constants.INCLUSION_CONNECT_ENDPOINT_LOGOUT).respond(200)
-
-        params = {"redirect_url": expected_redirection}
-        logout_url = f"{reverse('inclusion_connect:logout')}?{urlencode(params)}"
-        response = self.client.get(logout_url)
-        self.assertRedirects(response, expected_redirection)
+        self.assertRedirects(response, expected_redirection, fetch_redirect_response=False)
diff --git a/lacommunaute/inclusion_connect/views.py b/lacommunaute/inclusion_connect/views.py
index 2064b4fc9..70e62e763 100644
--- a/lacommunaute/inclusion_connect/views.py
+++ b/lacommunaute/inclusion_connect/views.py
@@ -151,8 +151,7 @@ def inclusion_connect_callback(request):  # pylint: disable=too-many-return-stat
 
 def inclusion_connect_logout(request):
     token = request.GET.get("token")
-    state = request.GET.get("state")
-    post_logout_redirect_url = request.GET.get("redirect_url", reverse("pages:home"))
+    post_logout_redirect_uri = request.GET.get("redirect_url", reverse("pages:home"))
 
     # Fallback on session data.
     if not token:
@@ -160,20 +159,13 @@ def inclusion_connect_logout(request):
         if not ic_session:
             raise KeyError("Missing session key.")
         token = ic_session["token"]
-        state = ic_session["state"]
 
     params = {
         "id_token_hint": token,
-        "state": state,
+        "post_logout_redirect_uri": request.build_absolute_uri(post_logout_redirect_uri),
     }
     complete_url = f"{constants.INCLUSION_CONNECT_ENDPOINT_LOGOUT}?{urlencode(params)}"
-    # Logout user from IC with HTTPX to benefit from respx in tests
-    # and to handle post logout redirection more easily.
-    response = httpx.get(complete_url)
-    if response.status_code != 200:
-        logger.error("Error during IC logout. Status code: %s", response.status_code)
 
-    # Logout user from Django
     logout(request)
 
-    return HttpResponseRedirect(post_logout_redirect_url)
+    return HttpResponseRedirect(complete_url)