Add post_logout_redirect_uris field to application views (#1285)

* Add post_logout_redirect_uris field to application views

* Update docs

Author: tonial

CHANGELOG.md

@@ -18,6 +18,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Added
 * #1273 Add caching of loading of OIDC private key.
+* #1285 Add post_logout_redirect_uris field in application views.
 
 - ### Fixed
 * #1284 Allow to logout whith no id_token_hint even if the browser session already expired

docs/templates.rst

@@ -165,6 +165,7 @@ This template gets passed the following template context variables:
     - ``client_type``
     - ``authorization_grant_type``
     - ``redirect_uris``
+    - ``post_logout_redirect_uris``
 
 .. caution::
     In the default implementation this template in extended by `application_registration_form.html`_.
@@ -184,6 +185,7 @@ This template gets passed the following template context variable:
     - ``client_type``
     - ``authorization_grant_type``
     - ``redirect_uris``
+    - ``post_logout_redirect_uris``
 
 .. note::
     In the default implementation this template extends `application_form.html`_.

oauth2_provider/templates/oauth2_provider/application_detail.html

@@ -30,6 +30,11 @@ <h3 class="block-center-heading">{{ application.name }}</h3>
                 <p><b>{% trans "Redirect Uris" %}</b></p>
                 <textarea class="input-block-level" readonly>{{ application.redirect_uris }}</textarea>
             </li>
+
+            <li>
+                <p><b>{% trans "Post Logout Redirect Uris" %}</b></p>
+                <textarea class="input-block-level" readonly>{{ application.post_logout_redirect_uris }}</textarea>
+            </li>
         </ul>
 
         <div class="btn-toolbar">

oauth2_provider/views/application.py

@@ -37,6 +37,7 @@ def get_form_class(self):
                 "client_type",
                 "authorization_grant_type",
                 "redirect_uris",
+                "post_logout_redirect_uris",
                 "algorithm",
             ),
         )
@@ -95,6 +96,7 @@ def get_form_class(self):
                 "client_type",
                 "authorization_grant_type",
                 "redirect_uris",
+                "post_logout_redirect_uris",
                 "algorithm",
             ),
         )

tests/test_application_views.py

@@ -46,6 +46,7 @@ def test_application_registration_user(self):
             "client_secret": "client_secret",
             "client_type": Application.CLIENT_CONFIDENTIAL,
             "redirect_uris": "http://example.com",
+            "post_logout_redirect_uris": "http://other_example.com",
             "authorization_grant_type": Application.GRANT_AUTHORIZATION_CODE,
             "algorithm": "",
         }
@@ -55,13 +56,22 @@ def test_application_registration_user(self):
 
         app = get_application_model().objects.get(name="Foo app")
         self.assertEqual(app.user.username, "foo_user")
+        app = Application.objects.get()
+        self.assertEquals(app.name, form_data["name"])
+        self.assertEquals(app.client_id, form_data["client_id"])
+        self.assertEquals(app.redirect_uris, form_data["redirect_uris"])
+        self.assertEquals(app.post_logout_redirect_uris, form_data["post_logout_redirect_uris"])
+        self.assertEquals(app.client_type, form_data["client_type"])
+        self.assertEquals(app.authorization_grant_type, form_data["authorization_grant_type"])
+        self.assertEquals(app.algorithm, form_data["algorithm"])
 
 
 class TestApplicationViews(BaseTest):
     def _create_application(self, name, user):
         app = Application.objects.create(
             name=name,
             redirect_uris="http://example.com",
+            post_logout_redirect_uris="http://other_example.com",
             client_type=Application.CLIENT_CONFIDENTIAL,
             authorization_grant_type=Application.GRANT_AUTHORIZATION_CODE,
             user=user,
@@ -93,9 +103,37 @@ def test_application_detail_owner(self):
 
         response = self.client.get(reverse("oauth2_provider:detail", args=(self.app_foo_1.pk,)))
         self.assertEqual(response.status_code, 200)
+        self.assertContains(response, self.app_foo_1.name)
+        self.assertContains(response, self.app_foo_1.redirect_uris)
+        self.assertContains(response, self.app_foo_1.post_logout_redirect_uris)
+        self.assertContains(response, self.app_foo_1.client_type)
+        self.assertContains(response, self.app_foo_1.authorization_grant_type)
 
     def test_application_detail_not_owner(self):
         self.client.login(username="foo_user", password="123456")
 
         response = self.client.get(reverse("oauth2_provider:detail", args=(self.app_bar_1.pk,)))
         self.assertEqual(response.status_code, 404)
+
+    def test_application_udpate(self):
+        self.client.login(username="foo_user", password="123456")
+
+        form_data = {
+            "client_id": "new_client_id",
+            "redirect_uris": "http://new_example.com",
+            "post_logout_redirect_uris": "http://new_other_example.com",
+            "client_type": Application.CLIENT_PUBLIC,
+            "authorization_grant_type": Application.GRANT_OPENID_HYBRID,
+        }
+        response = self.client.post(
+            reverse("oauth2_provider:update", args=(self.app_foo_1.pk,)),
+            data=form_data,
+        )
+        self.assertRedirects(response, reverse("oauth2_provider:detail", args=(self.app_foo_1.pk,)))
+
+        self.app_foo_1.refresh_from_db()
+        self.assertEquals(self.app_foo_1.client_id, form_data["client_id"])
+        self.assertEquals(self.app_foo_1.redirect_uris, form_data["redirect_uris"])
+        self.assertEquals(self.app_foo_1.post_logout_redirect_uris, form_data["post_logout_redirect_uris"])
+        self.assertEquals(self.app_foo_1.client_type, form_data["client_type"])
+        self.assertEquals(self.app_foo_1.authorization_grant_type, form_data["authorization_grant_type"])