hydra-webauthn/internal/route/hydra/logout.go

48 lines
1.2 KiB
Go

package hydra
import (
"net/http"
"forge.cadoles.com/wpetit/hydra-webauthn/internal/hydra"
"github.com/pkg/errors"
"gitlab.com/wpetit/goweb/middleware/container"
"gitlab.com/wpetit/goweb/service/session"
)
func serveLogoutPage(w http.ResponseWriter, r *http.Request) {
ctn := container.Must(r.Context())
hydr := hydra.Must(ctn)
challenge, err := hydr.LogoutChallenge(r)
if err != nil {
if errors.Is(err, hydra.ErrChallengeNotFound) {
http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
return
}
panic(errors.Wrap(err, "could not retrieve logout challenge"))
}
_, err = hydr.LogoutRequest(challenge)
if err != nil {
panic(errors.Wrap(err, "could not retrieve hydra logout response"))
}
acceptRes, err := hydr.AcceptLogoutRequest(challenge)
if err != nil {
panic(errors.Wrap(err, "could not retrieve hydra accept logout response"))
}
sess, err := session.Must(ctn).Get(w, r)
if err != nil {
panic(errors.Wrap(err, "could not retrieve session"))
}
if err := sess.Delete(w, r); err != nil {
panic(errors.Wrap(err, "could not delete session"))
}
http.Redirect(w, r, acceptRes.RedirectTo, http.StatusSeeOther)
}