fix(javascript-sdk): add logout redirect for pingone

[cerebrl]

JIRA Ticket

https://bugster.forgerock.org/jira/browse/SDKS-3211

Description

In order to support full, complete logout with OIDC on PingOne, including termination of session and removal of cookie in third-party context, logout redirect is required. This PR adds the redirect, but only in the condition a logoutRedirectUri is present in the logout options argument, or detection of PingOne endpoint of /as/signoff in endSession endpoint URL.

There's a "safety switch" that allows the deactivation of this logout redirect regardless of config or endpoint URL, and that's the function's options argument. If you pass in redirect: false, it will disable the redirect explicitly in the endSession method.

This is so, in the rare case we have an issue with endpoint naming schemes, there's a way to turn it off.

Type of Change

Please Delete options that are not relevant

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• This change requires a documentation update

How Has This Been Tested?

Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration

Definition of Done

Check all that apply

• Acceptance criteria is met.
• All tasks listed in the user story have been completed.
• Coded to standards.
• Code peer-reviewed.
• Ensure backward compatibility (special attention).
• API reference docs is updated.
• Unit tests are written.
• Integration tests are written.
• e2e tests are written.
• CI build passing on the feature branch.
• Functional spec is written/updated
• contains example code snippets.
• Change log updated.
• Documentation story is created and tracked.
• UI is completed or ticket is created.
• Demo to PO and team.
• Tech debts and remaining tasks are tracked in separated ticket(s).

Documentation

• Acceptance criteria met
• Spell-check run
• Peer reviewed
• Proofread

[nx-cloud]

☁️ Nx Cloud Report

CI is running/has finished running commands for commit cb6977d. As they complete they will appear below. Click to see the status, the terminal output, and the build insights.

📂 See all runs for this CI Pipeline Execution

---

✅ Successfully ran 2 targets

• nx affected -t lint test build e2e-ci --verbose
• nx-cloud record -- nx format:check --verbose

---

Sent with 💌 from NxCloud.

[ryanbas21]

Is this specifically needed for the Ping redirect logout? I see we try/catch it so it won't break older flows, but i'm curious

[cerebrl]

We just moved this up. There's no code change for this method call.

[cerebrl]

This removed the "pseudo-headers" and fixed the weird error with :authority.

[cerebrl]

I've moved the signoutUrl from the central config to the method options, keeping the central config clean.

[ryanbas21]

I left this here because while typescript says we can not have this happen, i figured it was safer for us to keep this check in the code for runtime and using expect error just means we expect this line to error (because we are checking a property that can't exist on the interface)

[cerebrl]

Is this being used? I don't see callback.html in the redirectUri config property.

[cerebrl]

Isn't this quite fragile? Shouldn't we use a wait until element is visible or some non-time-based check? I'm a bit worried that pure time based "sleeps" are not reliable.

[ryanbas21]

we do wait for the button to be visible above, the delay was the only way for me to consistently click the button in the test. for some reason

[cerebrl]

LGTM