Delete user Wazuh API token when log out of Kibana (only ODFE) (#2972)

* Removed old token if login token failed.

* Removed comment code.

* Added event deleteToken on Log out element.

* Updated CHANGELOG

CHANGELOG.md

@@ -30,6 +30,7 @@ All notable changes to the Wazuh app project will be documented in this file.
 - Can't edit empty rules and decoders files that already exist in the manager [#2978](https://github.com/wazuh/wazuh-kibana-app/pull/2978)
 - Support for alerts index pattern with different ID and name [#2979](https://github.com/wazuh/wazuh-kibana-app/pull/2979)
 - Fix the unpin agent in the selection modal [#2980](https://github.com/wazuh/wazuh-kibana-app/pull/2980)
+- Fix properly logout of Wazuh API when logging out of the application (only for OpenDistro) [#2789](https://github.com/wazuh/wazuh-kibana-app/issues/2789)
 
 ## Wazuh v4.1.0 - Kibana 7.10.0 , 7.10.2 - Revision 4101
 

public/app.js

@@ -9,7 +9,7 @@
  *
  * Find more information about this on the LICENSE file.
  */
-import { checkPluginVersion } from "./utils";
+import { checkPluginVersion } from './utils';
 //import 'ui/autoload/all';
 /* import 'uiExports/visTypes';
 import 'uiExports/visResponseHandlers';
@@ -69,7 +69,7 @@ import './factories';
 import { checkCurrentSecurityPlatform } from './controllers/management/components/management/configuration/utils/wz-fetch';
 import store from './redux/store';
 import { updateCurrentPlatform } from './redux/actions/appStateActions';
-import { WzAuthentication } from './react-services/wz-authentication'
+import { WzAuthentication } from './react-services/wz-authentication';
 
 import { getAngularModule } from './kibana-services';
 const app = getAngularModule();
@@ -113,4 +113,13 @@ app.run(function ($rootElement) {
       <react-component name="WzAgentSelectorWrapper" props=""></react-component>
       <react-component name="ToastNotificationsModal" props=""></react-component>
     </div>`);
+
+  // Blind deleteExistenToken on Log out component.
+  $(document).ready(function () {
+    $('.euiHeaderSectionItem__button').mouseleave('mouseleave', function () {
+      $('span:contains(Log out)').bind('click', function () {
+        WzAuthentication.deleteExistentToken();
+      });
+    });
+  });
 });

public/react-services/wz-authentication.ts

@@ -16,7 +16,7 @@ import jwtDecode from 'jwt-decode';
 import store from '../redux/store';
 import { updateUserPermissions, updateUserRoles } from '../redux/actions/appStateActions';
 import { WAZUH_ROLE_ADMINISTRATOR_ID, WAZUH_ROLE_ADMINISTRATOR_NAME } from '../../common/constants';
-import { getToasts }  from '../kibana-services';
+import { getToasts } from '../kibana-services';
 
 
 export class WzAuthentication{
@@ -27,23 +27,28 @@ export class WzAuthentication{
         await new Promise(r => setTimeout(r, 500));
         idHost = JSON.parse(AppState.getCurrentAPI()).id;
       }
+
       const response = await WzRequest.genericReq('POST', '/api/login', { idHost, force });
+
       const token = ((response || {}).data || {}).token;
       return token as string;
     }catch(error){
       return Promise.reject(error);
     }
   }
   static async refresh(force = false){
-    try{
+    try {
       // Get user token
       const token: string = await WzAuthentication.login(force);
       if(!token){
+        // Remove old existent token
+        await WzAuthentication.deleteExistentToken();
         return;
       }
+
       // Decode token and get expiration time
       const jwtPayload = jwtDecode(token);
-      
+
       // Get user Policies
       const userPolicies = await WzAuthentication.getUserPolicies();
       // Dispatch actions to set permissions and roles
@@ -73,10 +78,18 @@ export class WzAuthentication{
       return Promise.reject(error);
     }
   }
+
   private static mapUserRolesIDToAdministratorRole(roles){
     return roles.map((role: number) => role === WAZUH_ROLE_ADMINISTRATOR_ID ? WAZUH_ROLE_ADMINISTRATOR_NAME : role);
   }
-  static logout(){
-    //TODO: logout
+
+  static async deleteExistentToken() {
+    try {
+      const response = await WzRequest.apiReq('DELETE','/security/user/authenticate', {});
+
+      return ((response || {}).data || {}).data || {};
+    } catch (error) {
+      throw error;
+    }
   }
-}
+}