fix: add logout callback arguments to backends

sebulibah · sebulibah · commit 321be655ca5f · 2023-02-28T09:38:14.000Z
diff --git a/src/satosa/backends/apple.py b/src/satosa/backends/apple.py
@@ -36,11 +36,13 @@
 class AppleBackend(BackendModule):
     """Sign in with Apple backend"""
 
-    def __init__(self, auth_callback_func, internal_attributes, config, base_url, name):
+    def __init__(self, auth_callback_func, logout_callback_func, internal_attributes, config, base_url, name):
         """
         Sign in with Apple backend module.
         :param auth_callback_func: Callback should be called by the module after the authorization
         in the backend is done.
+        :param logout_callback_func: Callback should be called by the module after logout in the
+        backend is done.
         :param internal_attributes: Mapping dictionary between SATOSA internal attribute names and
         the names returned by underlying IdP's/OP's as well as what attributes the calling SP's and
         RP's expects namevice.
@@ -50,13 +52,16 @@ def __init__(self, auth_callback_func, internal_attributes, config, base_url, na
 
         :type auth_callback_func:
         (satosa.context.Context, satosa.internal.InternalData) -> satosa.response.Response
+        :type logout_callback_func:
+        (satosa.context.Context, satosa.internal.InternalData) -> satosa.response.Response
         :type internal_attributes: dict[string, dict[str, str | list[str]]]
         :type config: dict[str, dict[str, str] | list[str]]
         :type base_url: str
         :type name: str
         """
-        super().__init__(auth_callback_func, internal_attributes, base_url, name)
+        super().__init__(auth_callback_func, logout_callback_func, internal_attributes, base_url, name)
         self.auth_callback_func = auth_callback_func
+        self.logout_callback_func = logout_callback_func
         self.config = config
         self.client = _create_client(
             config["provider_metadata"],
diff --git a/src/satosa/backends/bitbucket.py b/src/satosa/backends/bitbucket.py
@@ -19,10 +19,12 @@ class BitBucketBackend(_OAuthBackend):
 
     logprefix = "BitBucket Backend:"
 
-    def __init__(self, outgoing, internal_attributes, config, base_url, name):
+    def __init__(self, outgoing, logout, internal_attributes, config, base_url, name):
         """BitBucket backend constructor
         :param outgoing: Callback should be called by the module after the
             authorization in the backend is done.
+        :param logout: Callback should be called by the module after logout in
+            the backend is done.
         :param internal_attributes: Mapping dictionary between SATOSA internal
             attribute names and the names returned by underlying IdP's/OP's as
             well as what attributes the calling SP's and RP's expects namevice.
@@ -32,14 +34,17 @@ def __init__(self, outgoing, internal_attributes, config, base_url, name):
         :type outgoing:
             (satosa.context.Context, satosa.internal.InternalData) ->
             satosa.response.Response
+        :type logout:
+            (satosa.context.Context, satosa.internal.InternalData) ->
+            satosa.response.Response
         :type internal_attributes: dict[string, dict[str, str | list[str]]]
         :type config: dict[str, dict[str, str] | list[str] | str]
         :type base_url: str
         :type name: str
         """
         config.setdefault('response_type', 'code')
         config['verify_accesstoken_state'] = False
-        super().__init__(outgoing, internal_attributes, config, base_url,
+        super().__init__(outgoing, logout, internal_attributes, config, base_url,
                          name, 'bitbucket', 'account_id')
 
     def get_request_args(self, get_state=stateID):
diff --git a/src/satosa/backends/github.py b/src/satosa/backends/github.py
@@ -21,10 +21,12 @@
 class GitHubBackend(_OAuthBackend):
     """GitHub OAuth 2.0 backend"""
 
-    def __init__(self, outgoing, internal_attributes, config, base_url, name):
+    def __init__(self, outgoing, logout, internal_attributes, config, base_url, name):
         """GitHub backend constructor
         :param outgoing: Callback should be called by the module after the
             authorization in the backend is done.
+        :param logout: Callback should be called by the module after logout
+            in the backend is done.
         :param internal_attributes: Mapping dictionary between SATOSA internal
             attribute names and the names returned by underlying IdP's/OP's as
             well as what attributes the calling SP's and RP's expects namevice.
@@ -42,7 +44,7 @@ def __init__(self, outgoing, internal_attributes, config, base_url, name):
         config.setdefault('response_type', 'code')
         config['verify_accesstoken_state'] = False
         super().__init__(
-            outgoing, internal_attributes, config, base_url, name, 'github',
+            outgoing, logout, internal_attributes, config, base_url, name, 'github',
             'id')
 
     def start_auth(self, context, internal_request, get_state=stateID):
diff --git a/src/satosa/backends/linkedin.py b/src/satosa/backends/linkedin.py
@@ -22,10 +22,12 @@
 class LinkedInBackend(_OAuthBackend):
     """LinkedIn OAuth 2.0 backend"""
 
-    def __init__(self, outgoing, internal_attributes, config, base_url, name):
+    def __init__(self, outgoing, logout, internal_attributes, config, base_url, name):
         """LinkedIn backend constructor
         :param outgoing: Callback should be called by the module after the
             authorization in the backend is done.
+        :param logout: Callback should be called by the module after logout
+            in the backend is done
         :param internal_attributes: Mapping dictionary between SATOSA internal
             attribute names and the names returned by underlying IdP's/OP's as
             well as what attributes the calling SP's and RP's expects namevice.
@@ -35,6 +37,9 @@ def __init__(self, outgoing, internal_attributes, config, base_url, name):
         :type outgoing:
             (satosa.context.Context, satosa.internal.InternalData) ->
             satosa.response.Response
+        :type logout:
+            (satosa.context.Context, satosa.internal.InternalData) ->
+            satosa.response.Response
         :type internal_attributes: dict[string, dict[str, str | list[str]]]
         :type config: dict[str, dict[str, str] | list[str] | str]
         :type base_url: str
@@ -43,7 +48,7 @@ def __init__(self, outgoing, internal_attributes, config, base_url, name):
         config.setdefault('response_type', 'code')
         config['verify_accesstoken_state'] = False
         super().__init__(
-            outgoing, internal_attributes, config, base_url, name, 'linkedin',
+            outgoing, logout, internal_attributes, config, base_url, name, 'linkedin',
             'id')
 
     def start_auth(self, context, internal_request, get_state=stateID):
diff --git a/src/satosa/backends/oauth.py b/src/satosa/backends/oauth.py
@@ -32,7 +32,7 @@ class _OAuthBackend(BackendModule):
     See satosa.backends.oauth.FacebookBackend.
     """
 
-    def __init__(self, outgoing, internal_attributes, config, base_url, name, external_type, user_id_attr):
+    def __init__(self, outgoing, logout, internal_attributes, config, base_url, name, external_type, user_id_attr):
         """
         :param outgoing: Callback should be called by the module after the authorization in the
         backend is done.
@@ -52,7 +52,7 @@ def __init__(self, outgoing, internal_attributes, config, base_url, name, extern
         :type name: str
         :type external_type: str
         """
-        super().__init__(outgoing, internal_attributes, base_url, name)
+        super().__init__(outgoing, logout, internal_attributes, base_url, name)
         self.config = config
         self.redirect_url = "%s/%s" % (self.config["base_url"], self.config["authz_page"])
         self.external_type = external_type
@@ -190,11 +190,13 @@ class FacebookBackend(_OAuthBackend):
     """
     DEFAULT_GRAPH_ENDPOINT = "https://graph.facebook.com/v2.5/me"
 
-    def __init__(self, outgoing, internal_attributes, config, base_url, name):
+    def __init__(self, outgoing, logout, internal_attributes, config, base_url, name):
         """
         Constructor.
         :param outgoing: Callback should be called by the module after the authorization in the
         backend is done.
+        :param logout: Callback should be called by the module after the logout in the backend is
+        done.
         :param internal_attributes: Mapping dictionary between SATOSA internal attribute names and
         the names returned by underlying IdP's/OP's as well as what attributes the calling SP's and
         RP's expects namevice.
@@ -204,14 +206,16 @@ def __init__(self, outgoing, internal_attributes, config, base_url, name):
 
         :type outgoing:
         (satosa.context.Context, satosa.internal.InternalData) -> satosa.response.Response
+        :type logout:
+        (satosa.context.Context, satosa.internal.InternalData) -> satosa.response.Response
         :type internal_attributes: dict[string, dict[str, str | list[str]]]
         :type config: dict[str, dict[str, str] | list[str] | str]
         :type base_url: str
         :type name: str
         """
         config.setdefault("response_type", "code")
         config["verify_accesstoken_state"] = False
-        super().__init__(outgoing, internal_attributes, config, base_url, name, "facebook", "id")
+        super().__init__(outgoing, logout, internal_attributes, config, base_url, name, "facebook", "id")
 
     def get_request_args(self, get_state=stateID):
         request_args = super().get_request_args(get_state=get_state)
diff --git a/src/satosa/backends/openid_connect.py b/src/satosa/backends/openid_connect.py
@@ -33,7 +33,7 @@ class OpenIDConnectBackend(BackendModule):
     OIDC module
     """
 
-    def __init__(self, auth_callback_func, internal_attributes, config, base_url, name):
+    def __init__(self, auth_callback_func, logout_callback_func, internal_attributes, config, base_url, name):
         """
         OIDC backend module.
         :param auth_callback_func: Callback should be called by the module after the authorization
@@ -52,8 +52,9 @@ def __init__(self, auth_callback_func, internal_attributes, config, base_url, na
         :type base_url: str
         :type name: str
         """
-        super().__init__(auth_callback_func, internal_attributes, base_url, name)
+        super().__init__(auth_callback_func, logout_callback_func, internal_attributes, base_url, name)
         self.auth_callback_func = auth_callback_func
+        self.logout_callback_func = logout_callback_func
         self.config = config
         self.client = _create_client(
             config["provider_metadata"],
diff --git a/src/satosa/backends/orcid.py b/src/satosa/backends/orcid.py
@@ -21,10 +21,12 @@
 class OrcidBackend(_OAuthBackend):
     """Orcid OAuth 2.0 backend"""
 
-    def __init__(self, outgoing, internal_attributes, config, base_url, name):
+    def __init__(self, outgoing, logout, internal_attributes, config, base_url, name):
         """Orcid backend constructor
         :param outgoing: Callback should be called by the module after the
             authorization in the backend is done.
+        :param logout: Callback should be called by the module after
+            logout in the backend is done.
         :param internal_attributes: Mapping dictionary between SATOSA internal
             attribute names and the names returned by underlying IdP's/OP's as
             well as what attributes the calling SP's and RP's expects namevice.
@@ -34,6 +36,9 @@ def __init__(self, outgoing, internal_attributes, config, base_url, name):
         :type outgoing:
             (satosa.context.Context, satosa.internal.InternalData) ->
             satosa.response.Response
+        :type logout:
+            (satosa.context.Context, satosa.internal.InternalData) ->
+            satosa.response.Response
         :type internal_attributes: dict[string, dict[str, str | list[str]]]
         :type config: dict[str, dict[str, str] | list[str] | str]
         :type base_url: str
@@ -42,7 +47,7 @@ def __init__(self, outgoing, internal_attributes, config, base_url, name):
         config.setdefault('response_type', 'code')
         config['verify_accesstoken_state'] = False
         super().__init__(
-            outgoing, internal_attributes, config, base_url, name, 'orcid',
+            outgoing, logout, internal_attributes, config, base_url, name, 'orcid',
             'orcid')
 
     def get_request_args(self, get_state=stateID):
diff --git a/src/satosa/backends/reflector.py b/src/satosa/backends/reflector.py
@@ -16,23 +16,27 @@ class ReflectorBackend(BackendModule):
 
     ENTITY_ID = ORG_NAME = AUTH_CLASS_REF = SUBJECT_ID = "reflector"
 
-    def __init__(self, outgoing, internal_attributes, config, base_url, name):
+    def __init__(self, outgoing, logout, internal_attributes, config, base_url, name):
         """
         :type outgoing:
         (satosa.context.Context, satosa.internal.InternalData) -> satosa.response.Response
+        :type logout:
+
         :type internal_attributes: dict[str, dict[str, list[str] | str]]
         :type config: dict[str, Any]
         :type base_url: str
         :type name: str
 
         :param outgoing: Callback should be called by the module after
                                    the authorization in the backend is done.
+        :param logout: Callback should be called by the module after logout
+                                    in the backend is done.
         :param internal_attributes: Internal attribute map
         :param config: The module config
         :param base_url: base url of the service
         :param name: name of the plugin
         """
-        super().__init__(outgoing, internal_attributes, base_url, name)
+        super().__init__(outgoing, logout, internal_attributes, base_url, name)
 
     def start_auth(self, context, internal_req):
         """
