dlindahl / omniauth-cas

A CAS OmniAuth Strategy
MIT License

How can I call out to logout? #46

Closed ramanbuttar closed 3 years ago

ramanbuttar commented 8 years ago

I'd like to call out to logout and am trying to figure out which route to set up so that it forwards to the CAS server's logout page?

lucaspiller commented 7 years ago

Hi @ramanbuttar! I assume you are talking about Single Logout (SLO). We have our CAS server set up so that when the user logs out of one application, it also sends a request to log them out of all other applications.

The logout action in our Rails application is as follows:

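```ruby
def destroy
  # Clear the local Rails session first
  reset_session

  # Build a strategy instance only to reuse its URL helpers
  strategy = OmniAuth::Strategies::CAS.new(nil, CAS_PARAMS)
  service_url = root_url + 'auth/cas/callback'
  # CAS server logout URL, with the service parameter set to our callback
  full_logout_url = strategy.cas_url + strategy.append_params('/logout', service: service_url)
  redirect_to full_logout_url
end
```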

Note that if you are using the Rails CookieStore, `reset_session` just deletes the cookie from the user's browser. However, the session continues to be valid forever - Rails just assumes it has been deleted - so you can't log out a user from another application with this.

In our case we verify the session against a record in the database on every request. To log out the user, we delete the record from the database, so on the next request their session won't be valid.
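The difference described in the comment above, as an added example that is not part of the original thread or of omniauth-cas: a signed cookie that is its own session still verifies when a saved copy is presented after logout, while a cookie that only points at a server-side record stops working once the record is deleted. The cookie format, `SECRET`, `SessionRegistry` and `replay_after_logout` are assumptions made for illustration; this is a simplified model, not Rails' actual CookieStore encoding.

```ruby
require 'openssl'
require 'securerandom'
require 'json'

SECRET = SecureRandom.hex(32) # constructed key, stands in for the app's cookie secret

# Stateless model: the signed cookie itself is the session.
def sign_cookie(data)
  payload = JSON.generate(data)
  "#{payload}--#{OpenSSL::HMAC.hexdigest('SHA256', SECRET, payload)}"
end

def read_cookie(cookie)
  payload, _, mac = cookie.to_s.rpartition('--')
  expected = OpenSSL::HMAC.hexdigest('SHA256', SECRET, payload)
  OpenSSL.secure_compare(mac, expected) ? JSON.parse(payload) : nil
end

# Server-side model: the cookie carries only a random id, and every request
# checks that the matching record still exists.
class SessionRegistry
  def initialize
    @records = {} # stands in for the database table
  end

  def create(user)
    sid = SecureRandom.hex(16)
    @records[sid] = user
    sign_cookie('sid' => sid)
  end

  def user_for(cookie)
    data = read_cookie(cookie)
    data && @records[data['sid']]
  end

  # Logout (local, or requested by the CAS server): delete the record.
  def revoke(cookie)
    data = read_cookie(cookie)
    !!(data && @records.delete(data['sid']))
  end
end

# Present a copy of each cookie again after logout has happened.
def replay_after_logout
  stateless = sign_cookie('user' => 'alice') # browser copy deleted, saved copy kept
  registry = SessionRegistry.new
  tracked = registry.create('alice')
  registry.revoke(tracked)
  { stateless: read_cookie(stateless), tracked: registry.user_for(tracked) }
end
```

Because `revoke` needs only the record's id, the same deletion can be driven by a logout request that arrives from the CAS server rather than from the user's browser.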

ramanbuttar commented 7 years ago

What I'm really wanting is to retrieve the URL from the defined CAS strategy in my initializer.

For instance, in config/initializers/omniauth.rb, I have:

```ruby
Rails.application.config.middleware.use OmniAuth::Builder do
  provider :cas,
           url: 'https://sso.example.com'
end
```

I'd like to get the URL so I can build `strategy.cas_url + strategy.append_params('/logout', service: service_url)` in my controller.

How can I access this from the OmniAuth::Builder object?

lime-green commented 7 years ago

@ramanbuttar Rack stores the strategy here: `strategy = env['omniauth.strategy']`