Merge pull request #7658 from vector-im/mauroromito/oidc_redirect_logout_confirmation_dialogues

Sign out through MAS redirect confirmation alerts
2026-04-17 15:09:31 +02:00 · 2023-08-28 13:18:21 +02:00
parent 81bc47a1fb d1445fc698
commit 9be8031b24
4 changed files with 81 additions and 16 deletions
--- a/Riot/Assets/en.lproj/Vector.strings
+++ b/Riot/Assets/en.lproj/Vector.strings
@@ -967,6 +967,8 @@ Tap the + to start adding people.";
 "manage_session_trusted" = "Trusted by you";
 "manage_session_not_trusted" = "Not trusted";
 "manage_session_sign_out" = "Sign out of this session";
+"manage_session_redirect" = "You will be redirected to your server's authentication provider to complete sign out.";
+"manage_session_redirect_error" = "Functionality currently unavailable. Please contact your homeserver admin";
 "manage_session_rename" = "Rename session";
 "manage_session_sign_out_other_sessions" = "Sign out of all other sessions";
 // User sessions management
--- a/Riot/Generated/Strings.swift
+++ b/Riot/Generated/Strings.swift
@@ -3667,6 +3667,14 @@ public class VectorL10n: NSObject {
  public static var manageSessionNotTrusted: String { 
    return VectorL10n.tr("Vector", "manage_session_not_trusted") 
  }
+  /// You will be redirected to your server's authentication provider to complete sign out.
+  public static var manageSessionRedirect: String { 
+    return VectorL10n.tr("Vector", "manage_session_redirect") 
+  }
+  /// Functionality currently unavailable. Please contact your homeserver admin
+  public static var manageSessionRedirectError: String { 
+    return VectorL10n.tr("Vector", "manage_session_redirect_error") 
+  }
  /// Rename session
  public static var manageSessionRename: String { 
    return VectorL10n.tr("Vector", "manage_session_rename") 
--- a/Riot/Modules/Settings/Security/ManageSession/ManageSessionViewController.m
+++ b/Riot/Modules/Settings/Security/ManageSession/ManageSessionViewController.m
@@ -656,11 +656,18 @@ enum {

 - (void)removeDevice
 {
-    NSURL *logoutURL = [self.mainSession.homeserverWellknown.authentication getLogoutDeviceURLFromID:device.deviceId];
-    if (logoutURL)
+    MXWellKnownAuthentication *authentication = self.mainSession.homeserverWellknown.authentication;
+    if (authentication)
    {
-        [UIApplication.sharedApplication openURL:logoutURL options:@{} completionHandler:nil];
-        [self withdrawViewControllerAnimated:YES completion:nil];
+        NSURL *logoutURL = [authentication getLogoutDeviceURLFromID:device.deviceId];
+        if (logoutURL)
+        {
+            [self removeDeviceRedirectWithURL:logoutURL];
+        }
+        else
+        {
+            [self showRemoveDeviceRedirectError];
+        }
    }
    else
    {
@@ -668,6 +675,31 @@ enum {
    }
 }

+-(void) removeDeviceRedirectWithURL: (NSURL * _Nonnull) url
+{
+    UIAlertController *alert = [UIAlertController alertControllerWithTitle: [VectorL10n manageSessionRedirect] message: nil preferredStyle:UIAlertControllerStyleAlert];
+    
+    __weak typeof(self) weakSelf = self;
+    UIAlertAction *action = [UIAlertAction actionWithTitle:[VectorL10n ok]
+                                                     style:UIAlertActionStyleDefault
+                                                   handler: ^(UIAlertAction * action) {
+        [UIApplication.sharedApplication openURL:url options:@{} completionHandler:^(BOOL success) {
+            if (success && weakSelf)
+            {
+                [weakSelf withdrawViewControllerAnimated:YES completion:nil];
+            }
+        }];
+    }];
+    [alert addAction: action];
+    [self presentViewController:alert animated:YES completion:nil];
+}
+
+-(void) showRemoveDeviceRedirectError
+{
+    UIAlertController *alert = [UIAlertController alertControllerWithTitle: [VectorL10n manageSessionRedirectError] message: nil preferredStyle:UIAlertControllerStyleAlert];
+    [self presentViewController:alert animated:YES completion:nil];
+}
+
 -(void) removeDeviceThroughAPI
 {
    [self startActivityIndicator];
--- a/RiotSwiftUI/Modules/UserSessions/Coordinator/UserSessionsFlowCoordinator.swift
+++ b/RiotSwiftUI/Modules/UserSessions/Coordinator/UserSessionsFlowCoordinator.swift
@@ -120,21 +120,29 @@ final class UserSessionsFlowCoordinator: NSObject, Coordinator, Presentable {
            case let .renameSession(sessionInfo):
                self.showRenameSessionScreen(for: sessionInfo)
            case let .logoutOfSession(sessionInfo):
-                if sessionInfo.isCurrent {
-                    self.showLogoutConfirmationForCurrentSession()
-                } else {
-                    if let logoutURL = self.parameters.session.homeserverWellknown.authentication?.getLogoutDeviceURL(fromID: sessionInfo.id) {
-                        self.openMasLogoutURL(logoutURL)
-                    } else {
-                        self.showLogoutConfirmation(for: [sessionInfo])
-                    }
-                }
+                self.handleLogoutOfSession(sessionInfo: sessionInfo)
            case let .showSessionStateInfo(sessionInfo):
                self.showInfoSheet(parameters: .init(userSessionInfo: sessionInfo, parentSize: self.toPresentable().view.bounds.size))
            }
        }
        pushScreen(with: coordinator)
    }
+    
+    private func handleLogoutOfSession(sessionInfo: UserSessionInfo) {
+        if sessionInfo.isCurrent {
+            self.showLogoutConfirmationForCurrentSession()
+        } else {
+            if let authentication = self.parameters.session.homeserverWellknown.authentication {
+                if let logoutURL = authentication.getLogoutDeviceURL(fromID: sessionInfo.id) {
+                    self.openDeviceLogoutRedirectURL(logoutURL)
+                } else {
+                    self.showDeviceLogoutRedirectError()
+                }
+            } else {
+                self.showLogoutConfirmation(for: [sessionInfo])
+            }
+        }
+    }

    /// Shows the QR login screen.
    private func openQRLoginScreen() {
@@ -186,9 +194,24 @@ final class UserSessionsFlowCoordinator: NSObject, Coordinator, Presentable {
        return UserOtherSessionsCoordinator(parameters: parameters)
    }
    
-    private func openMasLogoutURL(_ url: URL) {
-        UIApplication.shared.open(url)
-        popToSessionsOverview()
+    private func openDeviceLogoutRedirectURL(_ url: URL) {
+        let alert = UIAlertController(title: VectorL10n.manageSessionRedirect, message: nil, preferredStyle: .alert)
+        alert.addAction(UIAlertAction(title: VectorL10n.ok, style: .default) { [weak self] _ in
+            UIApplication.shared.open(url) { [weak self] success in
+                guard success else {
+                    return
+                }
+                self?.popToSessionsOverview()
+            }
+        })
+        alert.popoverPresentationController?.sourceView = toPresentable().view
+        navigationRouter.present(alert, animated: true)
+    }
+    
+    private func showDeviceLogoutRedirectError() {
+        let alert = UIAlertController(title: VectorL10n.manageSessionRedirectError, message: nil, preferredStyle: .alert)
+        alert.popoverPresentationController?.sourceView = toPresentable().view
+        navigationRouter.present(alert, animated: true)
    }
    
    /// Shows a confirmation dialog to the user to sign out of a session.