From 506543d6a0cbdfbe792634543521fab4b3904a8b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timoth=C3=A9e=20Alby?= <timothee.alby@gmail.com>
Date: Thu, 20 Feb 2020 11:08:18 -0500
Subject: [PATCH] Merge pull request #2605 from overleaf/jel-sso-registration

Do not block SSO registration on nonessential errors

GitOrigin-RevId: c9d6a7803aa8a48dbc1a8aae84d6f2588bad654e
---
 .../web/app/src/Features/User/UserController.js  |  9 +++++++--
 .../test/unit/src/User/UserControllerTests.js    | 16 ++++++++++++++++
 2 files changed, 23 insertions(+), 2 deletions(-)

diff --git a/services/web/app/src/Features/User/UserController.js b/services/web/app/src/Features/User/UserController.js
index bbf59d3849..1912eb3467 100644
--- a/services/web/app/src/Features/User/UserController.js
+++ b/services/web/app/src/Features/User/UserController.js
@@ -16,6 +16,7 @@ const OError = require('@overleaf/o-error')
 const HttpErrors = require('@overleaf/o-error/http')
 const EmailHandler = require('../Email/EmailHandler')
 const UrlHelper = require('../Helpers/UrlHelper')
+const { promisify } = require('util')
 
 const UserController = {
   tryDeleteUser(req, res, next) {
@@ -231,7 +232,7 @@ const UserController = {
     })
   },
 
-  _doLogout(req, cb) {
+  doLogout(req, cb) {
     metrics.inc('user.logout')
     const user = AuthenticationController.getSessionUser(req)
     logger.log({ user }, 'logging out')
@@ -258,7 +259,7 @@ const UserController = {
       : undefined
     const redirectUrl = requestedRedirect || '/login'
 
-    UserController._doLogout(req, err => {
+    UserController.doLogout(req, err => {
       if (err != null) {
         return next(err)
       }
@@ -397,4 +398,8 @@ const UserController = {
   }
 }
 
+UserController.promises = {
+  doLogout: promisify(UserController.doLogout)
+}
+
 module.exports = UserController
diff --git a/services/web/test/unit/src/User/UserControllerTests.js b/services/web/test/unit/src/User/UserControllerTests.js
index f0c344362b..a83f3a330a 100644
--- a/services/web/test/unit/src/User/UserControllerTests.js
+++ b/services/web/test/unit/src/User/UserControllerTests.js
@@ -44,6 +44,7 @@ describe('UserController', function() {
           email: 'old@something.com'
         }
       },
+      sessionID: '123',
       body: {},
       i18n: {
         translate: text => text
@@ -461,6 +462,21 @@ describe('UserController', function() {
       return this.UserController.logout(this.req, this.res)
     })
 
+    it('should untrack session', function(done) {
+      this.req.session.destroy = sinon.stub().callsArgWith(0)
+      this.SudoModeHandler.clearSudoMode = sinon.stub()
+      this.res.redirect = url => {
+        url.should.equal('/login')
+        this.UserSessionsManager.untrackSession.callCount.should.equal(1)
+        this.UserSessionsManager.untrackSession
+          .calledWith(sinon.match(this.req.user), this.req.sessionID)
+          .should.equal(true)
+        return done()
+      }
+
+      return this.UserController.logout(this.req, this.res)
+    })
+
     it('should redirect after logout', function(done) {
       this.req.body.redirect = '/institutional-login'
       this.req.session.destroy = sinon.stub().callsArgWith(0)