ИСПРАВЛЕНИЕ - NODEDC LAUNCHER: завершать IdP logout без локальной сессии

server/dev-server.mjs

@@ -199,19 +199,7 @@ app.get("/auth/logout", asyncRoute(async (req, res) => {
   }
 
   const discovery = await getOidcDiscovery();
-  const endSessionEndpoint = discovery.end_session_endpoint;
-  const loginRedirectUrl = buildLoginRedirectUrl(returnTo, { forceLogin: true });
-
-  if (!endSessionEndpoint || !session?.tokenSet.idToken) {
-    setNoStore(res);
-    res.type("html").send(renderGlobalLogoutPage(getFrontchannelLogoutUrls(), loginRedirectUrl));
-    return;
-  }
-
-  const logoutUrl = new URL(endSessionEndpoint);
-  logoutUrl.searchParams.set("client_id", config.clientId);
-  logoutUrl.searchParams.set("post_logout_redirect_uri", buildLoggedOutRedirectUrl(returnTo));
-  logoutUrl.searchParams.set("id_token_hint", session.tokenSet.idToken);
+  const logoutUrl = buildOidcLogoutUrl(discovery, returnTo, session?.tokenSet.idToken);
 
   setNoStore(res);
   res.type("html").send(renderGlobalLogoutPage(getFrontchannelLogoutUrls(), logoutUrl.toString()));
@@ -1454,6 +1442,20 @@ function buildLoginRedirectUrl(returnTo, { forceLogin = false } = {}) {
   return loginUrl.toString();
 }
 
+function buildOidcLogoutUrl(discovery, returnTo = "/", idToken = null) {
+  const endpoint = discovery.end_session_endpoint || new URL("/application/o/launcher/end-session/", config.issuer).toString();
+  const logoutUrl = new URL(endpoint);
+
+  logoutUrl.searchParams.set("client_id", config.clientId);
+  logoutUrl.searchParams.set("post_logout_redirect_uri", buildLoggedOutRedirectUrl(returnTo));
+
+  if (idToken) {
+    logoutUrl.searchParams.set("id_token_hint", idToken);
+  }
+
+  return logoutUrl;
+}
+
 function buildLoggedOutRedirectUrl(returnTo = "/") {
   const loggedOutUrl = new URL("/auth/logged-out", config.appBaseUrl);
   const cleanReturnTo = sanitizeReturnTo(returnTo);