chore: add new endpoint for logout from current web

.env.local.example

@@ -26,9 +26,4 @@ SEAMLESS_LOGIN_EN="http://www.example.com/updatelogin"
 SEAMLESS_LOGIN_FI="http://www.example.fi/updatelogin"
 SEAMLESS_LOGIN_NO="http://www.example.no/updatelogin"
 SEAMLESS_LOGIN_SV="http://www.example.se/updatelogin"
-SEAMLESS_LOGOUT_DA="http://www.example.dk/TBD"
+SEAMLESS_LOGOUT="http://www.example.com/updatelogout?newweb"
-SEAMLESS_LOGOUT_DE="http://www.example.de/TBD"
-SEAMLESS_LOGOUT_EN="http://www.example.com/TBD"
-SEAMLESS_LOGOUT_FI="http://www.example.fi/TBD"
-SEAMLESS_LOGOUT_NO="http://www.example.no/TBD"
-SEAMLESS_LOGOUT_SV="http://www.example.se/TBD"

app/[lang]/(live)/(protected)/logout/route.ts

@@ -3,42 +3,33 @@ import { headers as nextHeaders } from "next/headers"
 import { NextRequest, NextResponse } from "next/server"
 import { AuthError } from "next-auth"
 
-import { Lang } from "@/constants/languages"
 import { env } from "@/env/server"
 import { serverClient } from "@/lib/trpc/server"
-import { badRequest } from "@/server/errors/next"
+import { internalServerError } from "@/server/errors/next"
 
 import { signOut } from "@/auth"
 
-export async function GET(
+export async function GET(request: NextRequest) {
-  request: NextRequest,
-  context: { params: { lang: Lang } }
-) {
   let redirectHeaders: Headers | undefined = undefined
   let redirectTo: string
 
   const returnUrl = request.headers.get("x-returnurl")
   if (returnUrl) {
-    // Seamless logout request from Current web
+    // Should check for ?currentweb in header?
     redirectTo = returnUrl
   } else {
     // Normal logout request from New web
     redirectTo =
       request.cookies.get("redirectTo")?.value || // Cookie gets set by authRequired middleware
-      request.headers.get("x-redirect-to") ||
       request.nextUrl.searchParams.get("redirectTo") ||
-      request.headers.get("Referer") ||
       "/"
-    console.log(redirectTo)
+
     // If above fails, always redirect to startpage
-    if (!redirectTo) {
+    if (redirectTo.startsWith("/")) {
-      const proto = request.headers.get("x-forwarded-proto") ?? "http"
+      if (!env.PUBLIC_URL) {
-      const host =
+        throw internalServerError("No value for env.PUBLIC_URL")
-        request.headers.get("x-forwarded-host") ??
+      }
-        request.headers.get("host") ??
+      redirectTo = new URL(redirectTo, env.PUBLIC_URL).href
-        env.URL
-      redirectTo = `${proto}://${host}/`
-      console.log({ logout_fallback: redirectTo })
     }
     // Clean up cookie from authRequired middleware
     redirectHeaders = new Headers()
@@ -46,55 +37,32 @@ export async function GET(
       "set-cookie",
       "redirectTo=; Expires=Thu, 01 Jan 1970 00:00:00 UTC; Path=/; HttpOnly; SameSite=Lax"
     )
-  }
 
     try {
       // Initiate the seamless logout flow
       const invalidateResponse = await serverClient().user.invalidateSessions()
 
-    let redirectUrlValue
+      const redirectUrl = new URL(env.SEAMLESS_LOGOUT)
-
-    switch (context.params.lang) {
-      case Lang.da:
-        redirectUrlValue = env.SEAMLESS_LOGOUT_DA
-        break
-      case Lang.de:
-        redirectUrlValue = env.SEAMLESS_LOGOUT_DE
-        break
-      case Lang.en:
-        redirectUrlValue = env.SEAMLESS_LOGOUT_EN
-        break
-      case Lang.fi:
-        redirectUrlValue = env.SEAMLESS_LOGOUT_FI
-        break
-      case Lang.no:
-        redirectUrlValue = env.SEAMLESS_LOGOUT_NO
-        break
-      case Lang.sv:
-        redirectUrlValue = env.SEAMLESS_LOGOUT_SV
-        break
-    }
-    console.log(redirectUrlValue)
-    const redirectUrl = new URL(redirectUrlValue)
       redirectUrl.searchParams.set("returnurl", redirectTo)
       redirectTo = redirectUrl.toString()
-    console.log(redirectUrl, redirectTo)
     } catch (e) {
       console.error(
         "Unable to create URL for seamless logout, proceeding without it."
       )
       console.error(e)
     }
+  }
   try {
-    console.log({ logout_AUTH_URL: process.env.AUTH_URL })
-    console.log({ logout_NEXTAUTH_URL: process.env.NEXTAUTH_URL })
-    console.log({ logout_env: process.env })
-
     /**
      * Passing `redirect: false` to `signOut` will return a result object
      * instead of automatically redirecting inside of `signOut`.
      * https://github.com/nextauthjs/next-auth/blob/3c035ec/packages/next-auth/src/lib/actions.ts#L104
      */
+    console.log({ logout_NEXTAUTH_URL: process.env.NEXTAUTH_URL })
+    console.log({ logout_env: process.env })
+
+    console.log({ logout_redirectTo: redirectTo })
+
     const headers = new Headers(nextHeaders())
     const signOutURL = createActionURL(
       "signout",
@@ -110,7 +78,7 @@ export async function GET(
       redirectTo,
       redirect: false,
     })
-    console.log(redirectUrlObj)
+
     if (redirectUrlObj) {
       return NextResponse.redirect(redirectUrlObj.redirect, {
         headers: redirectHeaders,
@@ -124,5 +92,5 @@ export async function GET(
     }
   }
 
-  return badRequest()
+  return internalServerError()
 }

env/server.ts

@@ -48,12 +48,7 @@ export const env = createEnv({
     SEAMLESS_LOGIN_FI: z.string(),
     SEAMLESS_LOGIN_NO: z.string(),
     SEAMLESS_LOGIN_SV: z.string(),
-    SEAMLESS_LOGOUT_DA: z.string(),
+    SEAMLESS_LOGOUT: z.string(),
-    SEAMLESS_LOGOUT_DE: z.string(),
-    SEAMLESS_LOGOUT_EN: z.string(),
-    SEAMLESS_LOGOUT_FI: z.string(),
-    SEAMLESS_LOGOUT_NO: z.string(),
-    SEAMLESS_LOGOUT_SV: z.string(),
     URL: z.string().optional(),
     WEBVIEW_ENCRYPTION_KEY: z.string(),
   },
@@ -89,12 +84,7 @@ export const env = createEnv({
     SEAMLESS_LOGIN_FI: process.env.SEAMLESS_LOGIN_FI,
     SEAMLESS_LOGIN_NO: process.env.SEAMLESS_LOGIN_NO,
     SEAMLESS_LOGIN_SV: process.env.SEAMLESS_LOGIN_SV,
-    SEAMLESS_LOGOUT_DA: process.env.SEAMLESS_LOGOUT_DA,
+    SEAMLESS_LOGOUT: process.env.SEAMLESS_LOGOUT,
-    SEAMLESS_LOGOUT_DE: process.env.SEAMLESS_LOGOUT_DE,
-    SEAMLESS_LOGOUT_EN: process.env.SEAMLESS_LOGOUT_EN,
-    SEAMLESS_LOGOUT_FI: process.env.SEAMLESS_LOGOUT_FI,
-    SEAMLESS_LOGOUT_NO: process.env.SEAMLESS_LOGOUT_NO,
-    SEAMLESS_LOGOUT_SV: process.env.SEAMLESS_LOGOUT_SV,
     URL: process.env.URL,
     WEBVIEW_ENCRYPTION_KEY: process.env.WEBVIEW_ENCRYPTION_KEY,
   },