Provide express request to onLogout call

+ pluginInfo related changes

3 files changed, 18 insertions, 8 deletions

diff --git a/server/lib/auth.ts b/server/lib/auth.ts
index 3f8e18633..acf0da18a 100644
--- a/server/lib/auth.ts
+++ b/server/lib/auth.ts
@@ -52,7 +52,7 @@ async function handleTokenRevocation (req: express.Request, res: express.Respons
   const token = res.locals.oauth.token
 
   res.locals.explicitLogout = true
-  await revokeToken(token)
+  const result = await revokeToken(token)
 
   // FIXME: uncomment when https://github.com/oauthjs/node-oauth2-server/pull/289 is released
   // oAuthServer.revoke(req, res, err => {
@@ -68,7 +68,7 @@ async function handleTokenRevocation (req: express.Request, res: express.Respons
   //   }
   // })
 
-  return res.json()
+  return res.json(result)
 }
 
 async function onExternalUserAuthenticated (options: {
diff --git a/server/lib/oauth-model.ts b/server/lib/oauth-model.ts
index 3273c6c2d..f7ea98b41 100644
--- a/server/lib/oauth-model.ts
+++ b/server/lib/oauth-model.ts
@@ -141,13 +141,15 @@ async function getUser (usernameOrEmail?: string, password?: string) {
   return user
 }
 
-async function revokeToken (tokenInfo: { refreshToken: string }) {
+async function revokeToken (tokenInfo: { refreshToken: string }): Promise<{ success: boolean, redirectUrl?: string }> {
   const res: express.Response = this.request.res
   const token = await OAuthTokenModel.getByRefreshTokenAndPopulateUser(tokenInfo.refreshToken)
 
   if (token) {
+    let redirectUrl: string
+
     if (res.locals.explicitLogout === true && token.User.pluginAuth && token.authName) {
-      PluginManager.Instance.onLogout(token.User.pluginAuth, token.authName, token.User)
+      redirectUrl = await PluginManager.Instance.onLogout(token.User.pluginAuth, token.authName, token.User, this.request)
     }
 
     clearCacheByToken(token.accessToken)
@@ -155,10 +157,10 @@ async function revokeToken (tokenInfo: { refreshToken: string }) {
     token.destroy()
          .catch(err => logger.error('Cannot destroy token when revoking token.', { err }))
 
-    return true
+    return { success: true, redirectUrl }
   }
 
-  return false
+  return { success: false }
 }
 
 async function saveToken (token: TokenInfo, client: OAuthClientModel, user: UserModel) {
diff --git a/server/lib/plugins/plugin-manager.ts b/server/lib/plugins/plugin-manager.ts
index 94b5ecc41..8e7491257 100644
--- a/server/lib/plugins/plugin-manager.ts
+++ b/server/lib/plugins/plugin-manager.ts
@@ -1,3 +1,4 @@
+import * as express from 'express'
 import { createReadStream, createWriteStream } from 'fs'
 import { outputFile, readJSON } from 'fs-extra'
 import { basename, join } from 'path'
@@ -166,18 +167,25 @@ export class PluginManager implements ServerHook {
 
   // ###################### External events ######################
 
-  onLogout (npmName: string, authName: string, user: MUser) {
+  async onLogout (npmName: string, authName: string, user: MUser, req: express.Request) {
     const auth = this.getAuth(npmName, authName)
 
     if (auth?.onLogout) {
       logger.info('Running onLogout function from auth %s of plugin %s', authName, npmName)
 
       try {
-        auth.onLogout(user)
+        // Force await, in case or onLogout returns a promise
+        const result = await auth.onLogout(user, req)
+
+        return typeof result === 'string'
+          ? result
+          : undefined
       } catch (err) {
         logger.warn('Cannot run onLogout function from auth %s of plugin %s.', authName, npmName, { err })
       }
     }
+
+    return undefined
   }
 
   onSettingsChanged (name: string, settings: any) {