From edf048570bd3f2fe6903fbf95f4483149d7bfd4c Mon Sep 17 00:00:00 2001
From: Chaim Lev-Ari
Date: Sun, 16 Jan 2022 08:58:24 +0200
Subject: [PATCH] fix(oauth): change default microsoft logout url [EE-2044] (#6324)
---
 .../oauth-settings/oauth-settings.controller.js | 11 ++++++++---
 .../oauth/components/oauth-settings/providers.js | 2 +-
 2 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/app/portainer/oauth/components/oauth-settings/oauth-settings.controller.js b/app/portainer/oauth/components/oauth-settings/oauth-settings.controller.js
index c61c1c2c0..875737f5e 100644
--- a/app/portainer/oauth/components/oauth-settings/oauth-settings.controller.js
+++ b/app/portainer/oauth/components/oauth-settings/oauth-settings.controller.js
@@ -3,6 +3,8 @@ import { isLimitedToBE } from '@/portainer/feature-flags/feature-flags.service';
 import { FeatureId } from '@/portainer/feature-flags/enums';
 import providers, { getProviderByUrl } from './providers';
+const MS_TENANT_ID_PLACEHOLDER = 'TENANT_ID';
+
 export default class OAuthSettingsController {
 /* @ngInject */
 constructor($scope) {
@@ -28,11 +30,12 @@ export default class OAuthSettingsController {
 }
 onMicrosoftTenantIDChange() {
- const tenantID = this.state.microsoftTenantID;
+ const tenantID = this.state.microsoftTenantID || MS_TENANT_ID_PLACEHOLDER;
 this.settings.AuthorizationURI = `https://login.microsoftonline.com/${tenantID}/oauth2/authorize`;
 this.settings.AccessTokenURI = `https://login.microsoftonline.com/${tenantID}/oauth2/token`;
 this.settings.ResourceURI = `https://graph.windows.net/${tenantID}/me?api-version=2013-11-08`;
+ this.settings.LogoutURI = `https://login.microsoftonline.com/${tenantID}/oauth2/logout`;
 }
 useDefaultProviderConfiguration(providerId) {
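Review bot: In `onMicrosoftTenantIDChange()`, `tenantID` is interpolated into the authorization, token, resource and now logout URLs exactly as entered, so a value containing `/`, `?` or `#` changes the path or query of every endpoint written to `this.settings`. Encoding it once, `const tenantID = encodeURIComponent(this.state.microsoftTenantID || MS_TENANT_ID_PLACEHOLDER);`, keeps the input confined to a single path segment and leaves the placeholder itself unchanged. The new fallback also means an empty field writes URLs containing the literal `TENANT_ID` into the settings; a save-time check that rejects the placeholder would keep a non-working OAuth configuration from being persisted, though whether one already exists is not visible in this hunk.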
@@ -123,8 +126,10 @@ export default class OAuthSettingsController {
 this.state.provider = getProviderByUrl(authUrl);
 if (this.state.provider === 'microsoft') {
 const tenantID = authUrl.match(/login.microsoftonline.com\/(.*?)\//)[1];
- this.state.microsoftTenantID = tenantID;
- this.onMicrosoftTenantIDChange();
+ if (tenantID !== MS_TENANT_ID_PLACEHOLDER) {
+ this.state.microsoftTenantID = tenantID;
+ this.onMicrosoftTenantIDChange();
+ }
 }
 }
diff --git a/app/portainer/oauth/components/oauth-settings/providers.js b/app/portainer/oauth/components/oauth-settings/providers.js
index e8118bf27..ef868758b 100644
--- a/app/portainer/oauth/components/oauth-settings/providers.js
+++ b/app/portainer/oauth/components/oauth-settings/providers.js
@@ -5,7 +5,7 @@ export default {
 authUrl: 'https://login.microsoftonline.com/TENANT_ID/oauth2/authorize',
 accessTokenUrl: 'https://login.microsoftonline.com/TENANT_ID/oauth2/token',
 resourceUrl: 'https://graph.windows.net/TENANT_ID/me?api-version=2013-11-08',
- logoutUrl: `https://login.microsoftonline.com/common/oauth2/v2.0/logout?post_logout_redirect_uri=${window.location.origin}${baseHref()}#!/auth`,
+ logoutUrl: `https://login.microsoftonline.com/TENANT_ID/oauth2/logout`,
 userIdentifier: 'userPrincipalName',
 scopes: 'id,email,name',
 },
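Review bot: The new placeholder guard still depends on `authUrl.match(...)[1]` on the line above it, which throws a TypeError if a stored URL is classified as `microsoft` but has no path segment after the host, and whose unescaped dots match any character. Consider `const match = authUrl.match(/login\.microsoftonline\.com\/([^/]+)\//);` followed by `const tenantID = match ? match[1] : null;`, with the guard becoming `if (tenantID && tenantID !== MS_TENANT_ID_PLACEHOLDER) {`. The enclosing method starts and ends outside the hunk, so how `authUrl` is populated and what `getProviderByUrl` accepts cannot be confirmed from here.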
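Review bot: The replacement `logoutUrl` in providers.js is a backtick template literal with nothing interpolated, unlike the single-quoted URLs around it; `logoutUrl: 'https://login.microsoftonline.com/TENANT_ID/oauth2/logout',` matches its neighbours. With the `${window.location.origin}${baseHref()}` interpolation gone, the `baseHref` import is probably unused now and can be dropped if nothing else in the file calls it (the import block is outside the hunk). The literal `TENANT_ID` here must stay identical to `MS_TENANT_ID_PLACEHOLDER` in the controller for the guard there to keep working; a short comment saying so, or exporting the constant from this file, would keep the two in sync.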