From c2266720f985789f6374524c6b610e2c0855c31b Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Sun, 6 Dec 2020 11:19:22 +0100
Subject: [PATCH] Unauthenticated logout request with route & improve unit test
 (#2342)

---
 .../lib/Lemonldap/NG/Portal/Main/Init.pm       |  3 ++-
 .../lib/Lemonldap/NG/Portal/Main/Process.pm    |  1 +
 .../lib/Lemonldap/NG/Portal/Main/Run.pm        | 18 ++++++++++++++++++
 lemonldap-ng-portal/t/01-Unauth-Logout.t       | 17 ++++++++++++++++-
 4 files changed, 37 insertions(+), 2 deletions(-)

diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm
index 57e10d951..8cbd72a4e 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm
@@ -182,7 +182,8 @@ sub setPortalRoutes {
       ->addUnauthRoute( '*' => 'corsPreflight', ['OPTIONS'] )
 
       # Logout
-      ->addAuthRoute( logout => 'logout', ['GET'] );
+      ->addAuthRoute( logout => 'logout', ['GET'] )
+      ->addUnauthRoute( logout => 'unauthLogout', ['GET'] );
 
     # Default routes must point to routines declared above
     $self->defaultAuthRoute('');
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm
index 5ec3937f3..63f717fd4 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm
@@ -182,6 +182,7 @@ sub checkLogout {
 sub checkUnauthLogout {
     my ( $self, $req ) = @_;
     if ( defined $req->param('logout') ) {
+        $self->userLogger->info('Unauthenticated logout request');
         $self->logger->debug('Cleaning pdata');
         $self->logger->debug("Removing $self->{conf}->{cookieName} cookie");
         $req->pdata({});
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
index 72252909d..3689eeba9 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
@@ -233,6 +233,24 @@ sub logout {
     );
 }
 
+sub unauthLogout {
+    my ( $self, $req ) = @_;
+    $self->userLogger->info('Unauthenticated logout request');
+    $self->logger->debug('Cleaning pdata');
+    $self->logger->debug("Removing $self->{conf}->{cookieName} cookie");
+    $req->pdata( {} );
+    $req->addCookie(
+        $self->cookie(
+            name    => $self->conf->{cookieName},
+            domain  => $self->conf->{domain},
+            secure  => $self->conf->{securedCookie},
+            expires => 'Wed, 21 Oct 2015 00:00:00 GMT',
+            value   => 0
+        )
+    );
+    return $self->do( $req, [ sub { PE_LOGOUT_OK } ] );
+}
+
 # RUNNING METHODS
 # ---------------
 
diff --git a/lemonldap-ng-portal/t/01-Unauth-Logout.t b/lemonldap-ng-portal/t/01-Unauth-Logout.t
index eda2f9702..d8335305d 100644
--- a/lemonldap-ng-portal/t/01-Unauth-Logout.t
+++ b/lemonldap-ng-portal/t/01-Unauth-Logout.t
@@ -7,7 +7,7 @@ my $res;
 my $client = LLNG::Manager::Test->new(
     { ini => { logLevel => 'debug', useSafeJail => 1 } } );
 
-# Test normal first access
+# Test unauthenticated logout request with param
 ok(
     $res = $client->_get(
         '/',
@@ -23,6 +23,21 @@ ok( $res->[2]->[0] =~ m%<div class="message message-positive alert"><span trmsg=
 expectCookie($res);
 count(3);
 
+# Test unauthenticated logout request access with route
+ok(
+    $res = $client->_get(
+        '/logout',
+        accept => 'text/html'
+    ),
+    'Get logout page'
+);
+ok( $res->[2]->[0] =~ m%<span id="languages"></span>%, ' Language icons found' )
+  or print STDERR Dumper( $res->[2]->[0] );
+ok( $res->[2]->[0] =~ m%<div class="message message-positive alert"><span trmsg="47">%, ' PE_LOGOUT_OK' )
+  or print STDERR Dumper( $res->[2]->[0] );
+expectCookie($res);
+count(3);
+
 #print STDERR Dumper($res);
 
 clean_sessions();