diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 7b492e8..696d13e 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -4,7 +4,7 @@ env: VERSION: 2.18.2 PGVERSION: 15 DEBIANRELEASE: bookworm - DOCKERREVISION: 10 + DOCKERREVISION: 11 on: push: diff --git a/Changes.md b/Changes.md index 314c861..0600aad 100644 --- a/Changes.md +++ b/Changes.md @@ -1,6 +1,7 @@ # Changes -* 2024-04-26: add llngUserAttributes tool +* 2024-05-01: add FixedRedirectOnLogout plugin (v2.18.2-11) +* 2024-04-26: add llngUserAttributes tool (v2.18.2-10) * 2024-04-18: add IgnorePollers plugin (v2.18.2-9) * 2024-04-17: add package libhttp-browserdetect-perl for Lemonldap::NG::Portal::Plugins::LocationDetect * 2024-04-08: add `DEFAULT_WEBSITE` and `PROTECTION` env var diff --git a/base/install/etc/cont-init.d/update-llng-conf b/base/install/etc/cont-init.d/update-llng-conf index 91dde1b..c452c73 100755 --- a/base/install/etc/cont-init.d/update-llng-conf +++ b/base/install/etc/cont-init.d/update-llng-conf @@ -99,6 +99,12 @@ PORTALURL=`portalUrl "$PORTAL"` /usr/share/docker-llng/updateConf "setDomain" "$SSODOMAIN" /usr/share/docker-llng/updateConf "set" portal "$PORTALURL" +# Fix logout redirection +if test "$FIXED_LOGOUT" != ""; then + echo "Configure LLNG to redirect all logouts on $FIXED_LOGOUT" + /usr/share/docker-llng/updateConf set fixedLogoutRedirection "$FIXED_LOGOUT" +fi + if test "$CROWDSEC_SERVER" != ""; then echo "Configure LLNG to use $CROWDSEC_SERVER as Crowdsec server" /usr/share/docker-llng/updateConf set crowdsec 1 diff --git a/portal/Dockerfile b/portal/Dockerfile index 2fa0049..5755075 100644 --- a/portal/Dockerfile +++ b/portal/Dockerfile @@ -38,6 +38,7 @@ RUN echo patch appgrid.patch && patch -p1 < appgrid.patch && \ echo patch oidc-auth-pkce.patch && patch -p1 < oidc-auth-pkce.patch && \ echo patch jitsi.patch && patch -p1 < jitsi.patch && \ echo patch ignorepollers.patch && patch -p1 < ignorepollers.patch && \ + echo patch fixedLogout.patch && patch -p1 < fixedLogout.patch && \ rm -f *.patch RUN echo "# Install nginx configuration files" && \ diff --git a/portal/fixedLogout.patch b/portal/fixedLogout.patch new file mode 100644 index 0000000..d65ddf8 --- /dev/null +++ b/portal/fixedLogout.patch @@ -0,0 +1,47 @@ +--- a/usr/share/perl5/Lemonldap/NG/Portal/Main/Plugins.pm ++++ b/usr/share/perl5/Lemonldap/NG/Portal/Main/Plugins.pm +@@ -14,6 +14,7 @@ use Mouse; + # Developers: 2FA must be loaded before Notifications + # Developers: GlobalLogout must be the last loaded plugin + our @pList = ( ++ fixedLogoutRedirection => '::Plugins::FixedRedirectOnLogout', + portalDisplayResetPassword => '::Plugins::MailPasswordReset', + portalDisplayCertificateResetByMail => '::Plugins::CertificateResetByMail', + portalStatus => '::Plugins::Status', +--- /dev/null ++++ b/usr/share/perl5/Lemonldap/NG/Portal/Plugins/FixedRedirectOnLogout.pm +@@ -0,0 +1,34 @@ ++package Lemonldap::NG::Portal::Plugins::FixedRedirectOnLogout; ++ ++use strict; ++use Mouse; ++use Lemonldap::NG::Portal::Main::Constants 'PE_OK'; ++use URI; ++ ++our $VERSION = '2.20.0'; ++ ++extends 'Lemonldap::NG::Portal::Main::Plugin'; ++ ++use constant beforeLogout => 'run'; ++ ++sub init { ++ my ($self) = @_; ++ if ( $self->conf->{fixedLogoutRedirection} ) { ++ my $host = URI->new($self->conf->{fixedLogoutRedirection})->host; ++ $self->conf->{trustedDomains} .= " $host"; ++ $self->conf->{trustedDomains} =~ s/^ //; ++ } ++ return 1; ++} ++ ++sub run { ++ my ( $self, $req ) = @_; ++ if ( $self->conf->{fixedLogoutRedirection} ) { ++ $req->logger->debug("Force logout redirection"); ++ $req->mustRedirect(1); ++ $req->urldc( $self->conf->{fixedLogoutRedirection} ); ++ } ++ return PE_OK; ++} ++ ++1;