From 39ae01b223e02365d629ef8b7b6f6ec28025b02a Mon Sep 17 00:00:00 2001
From: Dan G
Date: Thu, 10 Oct 2024 21:02:09 +0100
Subject: [PATCH] [api] remove `/logout` route (do not implement front channel logout) (#3759)
---
 api.planx.uk/modules/auth/controller.ts | 8 --------
 api.planx.uk/modules/auth/docs.yaml | 23 ++++++++++++++++-------
 api.planx.uk/modules/auth/routes.ts | 2 --
 3 files changed, 16 insertions(+), 17 deletions(-)
diff --git a/api.planx.uk/modules/auth/controller.ts b/api.planx.uk/modules/auth/controller.ts
index b1b5394193..a03fdc4b17 100644
--- a/api.planx.uk/modules/auth/controller.ts
+++ b/api.planx.uk/modules/auth/controller.ts
@@ -7,14 +7,6 @@ export const failedLogin: RequestHandler = (_req, _res, next) =>
 message: "User failed to authenticate",
 });
 
-export const logout: RequestHandler = (req, res) => {
- // TODO: implement dual purpose as Microsoft frontend logout channel
- req.logout(() => {
- // do nothing
- });
- res.redirect(process.env.EDITOR_URL_EXT!);
-};
-
 export const handleSuccess = (req: Request, res: Response) => {
 if (!req.user) {
 return res.json({
diff --git a/api.planx.uk/modules/auth/docs.yaml b/api.planx.uk/modules/auth/docs.yaml
index 673e45e531..6377d20268 100644
--- a/api.planx.uk/modules/auth/docs.yaml
+++ b/api.planx.uk/modules/auth/docs.yaml
@@ -6,13 +6,6 @@ tags:
 - name: auth
 description: Authentication related requests
 paths:
- /logout:
- get:
- summary: Logout from the PlanX service
- tags: ["auth"]
- responses:
- "302":
- description: Redirect to PlanX Editor
 /auth/login/failed:
 get:
 summary: Failed login
@@ -44,3 +37,19 @@ paths:
 responses:
 "200":
 description: OK
+ /auth/microsoft:
+ get:
+ summary: Authenticate via Microsoft SSO
+ description: The first step in Microsoft authentication will involve redirecting the user to login.microsoftonline.com
+ tags: ["auth"]
+ responses:
+ "200":
+ description: OK
+ /auth/microsoft/callback:
+ get:
+ summary: Generate a JWT for an authenticated user
+ description: After authentication, Microsoft will redirect the user back to this route which generates a JWT for the user
+ tags: ["auth"]
+ responses:
+ "200":
+ description: OK
diff --git a/api.planx.uk/modules/auth/routes.ts b/api.planx.uk/modules/auth/routes.ts
index d349f55d94..1cf8d7771c 100644
--- a/api.planx.uk/modules/auth/routes.ts
+++ b/api.planx.uk/modules/auth/routes.ts
@@ -6,8 +6,6 @@ import * as Controller from "./controller.js";
 
 export default (passport: Authenticator): Router => {
 const router = Router();
- router.get("/logout", Controller.logout);
- // router.get("/auth/frontchannel-logout", Controller.frontChannelLogout)
 router.get("/auth/login/failed", Controller.failedLogin);
 router.get("/auth/google", Middleware.getGoogleAuthHandler(passport));
 router.get(
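Review bot: In the second docs.yaml hunk, the new `/auth/microsoft` entry documents only a `"200"` response, while its own description says the route redirects the user to login.microsoftonline.com. A redirect would normally be documented as `"302"` with a description such as `Redirect to Microsoft login`, matching how the removed `/logout` entry was written. The same may apply to `/auth/microsoft/callback` if it finishes by redirecting the browser rather than returning the JWT in the response body, which the hunk does not show. Neither new entry lists a failure response, so a reader of the spec cannot tell how a rejected or cancelled sign-in is reported.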