[APP-3046] Post logout redirect URL update. (#256)

web/auth0.go

@@ -26,11 +26,12 @@ import (
 // AuthProviderConfig config options with constants that will probably need to be manually configured after
 // retrieval from the auth provider web UI or API (e.g. for Auth0, FusionAuth).
 type AuthProviderConfig struct {
-	Domain     string
-	ClientID   string
-	Secret     string
-	BaseURL    string
-	EnableTest bool
+	Domain                string
+	ClientID              string
+	Secret                string
+	BaseURL               string
+	PostLogoutRedirectURL string
+	EnableTest            bool
 }
 
 // AuthProvider should include all state that we need to share with auth callbacks or to make customizations on the
@@ -75,6 +76,7 @@ func InstallAuth0(
 	config AuthProviderConfig,
 	logger golog.Logger,
 ) (io.Closer, error) {
+	config.PostLogoutRedirectURL = "returnTo"
 	authProvider, err := installAuthProvider(
 		ctx,
 		sessions,
@@ -106,6 +108,7 @@ func InstallFusionAuth(
 	config AuthProviderConfig,
 	logger golog.Logger,
 ) (io.Closer, error) {
+	config.PostLogoutRedirectURL = "post_logout_redirect_uri"
 	authProvider, err := installAuthProvider(
 		ctx,
 		sessions,
@@ -147,6 +150,10 @@ func installAuthProvider(
 		return nil, errors.New("sessions needed for auth provider")
 	}
 
+	if config.PostLogoutRedirectURL == "" {
+		return nil, errors.New("need a post logout redirect url")
+	}
+
 	state := &AuthProvider{
 		config:            config,
 		sessions:          sessions,
@@ -598,7 +605,7 @@ func (h *logoutHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	logoutURL.Path = h.providerLogoutURL
 	parameters := url.Values{}
 
-	parameters.Add("returnTo", h.state.config.BaseURL)
+	parameters.Add(h.state.config.PostLogoutRedirectURL, h.state.config.BaseURL)
 	parameters.Add("client_id", h.state.config.ClientID)
 	logoutURL.RawQuery = parameters.Encode()