perf(X-Pack): Optimize the OAuth2 Logout Flow

Author: fit2cloud-chenyw

backend/common/core/schemas.py

@@ -14,6 +14,7 @@ class TokenPayload(BaseModel):
 class Token(SQLModel):
     access_token: str
     token_type: str = "bearer"
+    platform_info: Optional[dict] = None
 
 class XOAuth2PasswordBearer(OAuth2PasswordBearer):
     async def __call__(self, request: Request) -> Optional[str]:

frontend/src/i18n/en.json

@@ -718,6 +718,8 @@
     "client_id": "Client ID",
     "client_secret": "Client Secret",
     "redirect_url": "Redirect URL",
+    "logout_redirect_url": "Logout Redirect URL",
+    "logout_redirect_url_placeholder": "By default, users will be redirected to the SQLBot login page after logout. You can customize the redirect address here.",
     "oauth2_settings": "OAuth2 Settings",
     "scope": "Scope",
     "userinfo_url": "User Info URL",

frontend/src/i18n/ko-KR.json

@@ -718,6 +718,8 @@
     "client_id": "클라이언트 ID",
     "client_secret": "클라이언트 시크릿",
     "redirect_url": "리디렉션 URL",
+    "logout_redirect_url": "로그아웃 후 리디렉션 URL",
+    "logout_redirect_url_placeholder": "기본적으로 로그아웃 후 SQLBot 로그인 페이지로 이동합니다. 여기서 리디렉션 주소를 사용자 지정할 수 있습니다.",
     "oauth2_settings": "OAuth2 설정",
     "scope": "권한 범위",
     "userinfo_url": "사용자 정보 URL",

frontend/src/i18n/zh-CN.json

@@ -718,6 +718,8 @@
     "client_id": "客户端 ID",
     "client_secret": "客户端密钥",
     "redirect_url": "回调地址",
+    "logout_redirect_url": "注销回调地址",
+    "logout_redirect_url_placeholder": "注销后默认跳转至 SQLBot 登录页面，可自定义设置注销后跳转地址",
     "oauth2_settings": "OAuth2 设置",
     "scope": "授权范围",
     "userinfo_url": "用户信息地址",

frontend/src/stores/user.ts

@@ -4,6 +4,7 @@ import { AuthApi } from '@/api/login'
 import { useCache } from '@/utils/useCache'
 import { i18n } from '@/i18n'
 import { store } from './index'
+import { getQueryString } from '@/utils/utils'
 
 const { wsCache } = useCache()
 
@@ -91,6 +92,11 @@ export const UserStore = defineStore('user', {
         window.location.href = res
         window.open(res, '_self')
       }
+      if (getQueryString('code') && getQueryString('state')?.includes('oauth2_state')) {
+        const logout_url = location.origin + location.pathname + '#/login'
+        window.location.href = logout_url
+        window.open(res, logout_url)
+      }
     },
 
     async info() {

frontend/src/views/login/xpack/Handler.vue

@@ -220,7 +220,7 @@ const oauth2Login = () => {
     .post('/system/authentication/sso/4', urlParams)
     .then((res: any) => {
       const token = res.access_token
-      const id_token = res.id_token
+      const platform_info = res.platform_info
       if (token && isPlatformClient()) {
         wsCache.set('de-platform-client', true)
       }
@@ -229,7 +229,7 @@ const oauth2Login = () => {
       userStore.setTime(Date.now())
       userStore.setPlatformInfo({
         flag: 'oauth2',
-        data: id_token,
+        data: platform_info ? JSON.stringify(platform_info) : '',
         origin: 4,
       })
       const queryRedirectPath = getCurLocation()

frontend/src/views/system/authentication/Oauth2Editor.vue

@@ -27,6 +27,7 @@ const state = reactive({
     client_id: '',
     client_secret: '',
     redirect_url: '',
+    logout_redirect_url: '',
     mapping: '',
   }),
 })
@@ -345,6 +346,13 @@ onBeforeMount(() => {
         <el-input v-model="state.form.redirect_url" :placeholder="t('common.please_input')" />
       </el-form-item>
 
+      <el-form-item :label="t('authentication.logout_redirect_url')" prop="logout_redirect_url">
+        <el-input
+          v-model="state.form.logout_redirect_url"
+          :placeholder="t('authentication.logout_redirect_url_placeholder')"
+        />
+      </el-form-item>
+
       <el-form-item :label="t('authentication.field_mapping')" prop="mapping">
         <el-input
           v-model="state.form.mapping"