From 948bdaf0dd6ead50f7d22ef6ebe1f682732fe429 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A9r=C3=B4me=20Burkard?= <burkardjerome@gmail.com>
Date: Wed, 23 Oct 2024 10:47:02 +0200
Subject: [PATCH] fix inclusion connect logout, to not need confirmation

---
 .../inclusionConnectedAllowed.e2e.test.ts     |  1 -
 .../oauth-gateway/HttpOAuthGateway.ts         | 36 ++++++++-----------
 .../oauth-gateway/InMemoryOAuthGateway.ts     |  1 -
 .../oauth-gateway/inclusionConnect.routes.ts  |  7 ----
 .../oauth-gateway/proConnect.routes.ts        |  6 ----
 .../GetInclusionConnectLogoutUrl.unit.test.ts |  1 -
 6 files changed, 14 insertions(+), 38 deletions(-)

diff --git a/back/src/adapters/primary/routers/inclusionConnect/inclusionConnectedAllowed.e2e.test.ts b/back/src/adapters/primary/routers/inclusionConnect/inclusionConnectedAllowed.e2e.test.ts
index f5d797240a..8b67d6b503 100644
--- a/back/src/adapters/primary/routers/inclusionConnect/inclusionConnectedAllowed.e2e.test.ts
+++ b/back/src/adapters/primary/routers/inclusionConnect/inclusionConnectedAllowed.e2e.test.ts
@@ -440,7 +440,6 @@ describe("InclusionConnectedAllowedRoutes", () => {
             appConfig.inclusionConnectConfig.providerBaseUri
           }/logout-inclusion-connect?${queryParamsAsString({
             postLogoutRedirectUrl: appConfig.immersionFacileBaseUrl,
-            clientId: appConfig.inclusionConnectConfig.clientId,
             idToken: "fake-id-token",
             state,
           })}`,
diff --git a/back/src/domains/core/authentication/inclusion-connect/adapters/oauth-gateway/HttpOAuthGateway.ts b/back/src/domains/core/authentication/inclusion-connect/adapters/oauth-gateway/HttpOAuthGateway.ts
index 6fc62bc009..acde34a153 100644
--- a/back/src/domains/core/authentication/inclusion-connect/adapters/oauth-gateway/HttpOAuthGateway.ts
+++ b/back/src/domains/core/authentication/inclusion-connect/adapters/oauth-gateway/HttpOAuthGateway.ts
@@ -23,14 +23,14 @@ import {
   GetLogoutUrlParams,
   OAuthGateway,
 } from "../../port/OAuthGateway";
-import {
-  InclusionConnectLogoutQueryParams,
-  InclusionConnectRoutes,
-} from "./inclusionConnect.routes";
-import {
-  ProConnectLogoutQueryParams,
-  ProConnectRoutes,
-} from "./proConnect.routes";
+import { InclusionConnectRoutes } from "./inclusionConnect.routes";
+import { ProConnectRoutes } from "./proConnect.routes";
+
+export type OAuthLogoutQueryParams = {
+  post_logout_redirect_uri: AbsoluteUrl;
+  id_token_hint: string;
+  state: string;
+};
 
 const logger = createLogger(__filename);
 
@@ -216,20 +216,12 @@ export class HttpOAuthGateway implements OAuthGateway {
         ? `${this.inclusionConnectConfig.providerBaseUri}/logout/`
         : `${this.proConnectConfig.providerBaseUri}/session/end`;
 
-    return provider === "inclusionConnect"
-      ? `${uri}?${queryParamsAsString<InclusionConnectLogoutQueryParams>({
-          client_id: this.inclusionConnectConfig.clientId,
-          post_logout_redirect_uri:
-            this.inclusionConnectConfig.immersionRedirectUri.afterLogout,
-          id_token: params.idToken,
-          state: params.state,
-        })}`
-      : `${uri}?${queryParamsAsString<ProConnectLogoutQueryParams>({
-          post_logout_redirect_uri:
-            this.inclusionConnectConfig.immersionRedirectUri.afterLogout,
-          id_token_hint: params.idToken,
-          state: params.state,
-        })}`;
+    return `${uri}?${queryParamsAsString<OAuthLogoutQueryParams>({
+      state: params.state,
+      id_token_hint: params.idToken,
+      post_logout_redirect_uri:
+        this.inclusionConnectConfig.immersionRedirectUri.afterLogout,
+    })}`;
   }
 
   #makeRedirectAfterLoginUrl(params: WithSourcePage): AbsoluteUrl {
diff --git a/back/src/domains/core/authentication/inclusion-connect/adapters/oauth-gateway/InMemoryOAuthGateway.ts b/back/src/domains/core/authentication/inclusion-connect/adapters/oauth-gateway/InMemoryOAuthGateway.ts
index 9bcbb34cea..f06774fc00 100644
--- a/back/src/domains/core/authentication/inclusion-connect/adapters/oauth-gateway/InMemoryOAuthGateway.ts
+++ b/back/src/domains/core/authentication/inclusion-connect/adapters/oauth-gateway/InMemoryOAuthGateway.ts
@@ -53,7 +53,6 @@ export class InMemoryOAuthGateway implements OAuthGateway {
     return `${logoutUri[provider]}?${queryParamsAsString({
       postLogoutRedirectUrl:
         this.providerConfig.immersionRedirectUri.afterLogout,
-      clientId: this.providerConfig.clientId,
       idToken: params.idToken,
       state: params.state,
     })}`;
diff --git a/back/src/domains/core/authentication/inclusion-connect/adapters/oauth-gateway/inclusionConnect.routes.ts b/back/src/domains/core/authentication/inclusion-connect/adapters/oauth-gateway/inclusionConnect.routes.ts
index e2e33c7dd1..ae44a1fbde 100644
--- a/back/src/domains/core/authentication/inclusion-connect/adapters/oauth-gateway/inclusionConnect.routes.ts
+++ b/back/src/domains/core/authentication/inclusion-connect/adapters/oauth-gateway/inclusionConnect.routes.ts
@@ -26,13 +26,6 @@ const withContentTypeUrlEncodedSchema = z.object({
   "Content-Type": z.literal("application/x-www-form-urlencoded"),
 });
 
-export type InclusionConnectLogoutQueryParams = {
-  client_id: string;
-  post_logout_redirect_uri: AbsoluteUrl;
-  id_token: string;
-  state: string;
-};
-
 export type InclusionConnectRoutes = ReturnType<
   typeof makeInclusionConnectRoutes
 >;
diff --git a/back/src/domains/core/authentication/inclusion-connect/adapters/oauth-gateway/proConnect.routes.ts b/back/src/domains/core/authentication/inclusion-connect/adapters/oauth-gateway/proConnect.routes.ts
index 4b7d71d883..952cec2115 100644
--- a/back/src/domains/core/authentication/inclusion-connect/adapters/oauth-gateway/proConnect.routes.ts
+++ b/back/src/domains/core/authentication/inclusion-connect/adapters/oauth-gateway/proConnect.routes.ts
@@ -26,12 +26,6 @@ const withContentTypeUrlEncodedSchema = z.object({
   "Content-Type": z.literal("application/x-www-form-urlencoded"),
 });
 
-export type ProConnectLogoutQueryParams = {
-  post_logout_redirect_uri: AbsoluteUrl;
-  id_token_hint: string;
-  state: string;
-};
-
 export type ProConnectRoutes = ReturnType<typeof makeProConnectRoutes>;
 
 export const makeProConnectRoutes = (proConnectBaseUrl: AbsoluteUrl) =>
diff --git a/back/src/domains/core/authentication/inclusion-connect/use-cases/GetInclusionConnectLogoutUrl.unit.test.ts b/back/src/domains/core/authentication/inclusion-connect/use-cases/GetInclusionConnectLogoutUrl.unit.test.ts
index 70b1774147..fea2b568b7 100644
--- a/back/src/domains/core/authentication/inclusion-connect/use-cases/GetInclusionConnectLogoutUrl.unit.test.ts
+++ b/back/src/domains/core/authentication/inclusion-connect/use-cases/GetInclusionConnectLogoutUrl.unit.test.ts
@@ -83,7 +83,6 @@ describe("GetInclusionConnectLogoutUrl", () => {
           }/logout-${logoutSuffixe}?${queryParamsAsString({
             postLogoutRedirectUrl:
               fakeProviderConfig.immersionRedirectUri.afterLogout,
-            clientId: fakeProviderConfig.clientId,
             idToken,
             state: ongoingOAuth.state,
           })}`,