Merge pull request #882 from deriv-com/revert-871-fix-cookie-domain

Revert "Fix cookie domain check for Silent Login"

package.json

@@ -107,7 +107,7 @@
     "@binary-com/binary-style": "^0.2.26",
     "@binary-com/webtrader-charts": "^0.6.2",
     "@deriv-com/analytics": "^1.26.1",
-    "@deriv-com/auth-client": "1.3.3",
+    "@deriv-com/auth-client": "1.3.1",
     "@deriv-com/quill-ui": "^1.16.2",
     "@deriv-com/utils": "^0.0.38",
     "@deriv/deriv-api": "^1.0.15",

src/javascript/_common/auth.js

@@ -7,13 +7,14 @@ const {
 } = require('@deriv-com/utils');
 const Cookies = require('js-cookie');
 const requestOidcAuthentication = require('@deriv-com/auth-client').requestOidcAuthentication;
-const handlePostLogout = require('@deriv-com/analytics').handlePostLogout;
 const Analytics = require('./analytics');
 
 export const DEFAULT_OAUTH_LOGOUT_URL = 'https://oauth.deriv.com/oauth2/sessions/logout';
 
 export const DEFAULT_OAUTH_ORIGIN_URL = 'https://oauth.deriv.com';
 
+const LOGOUT_HANDLER_TIMEOUT = 10000;
+
 const SocketURL = {
     [URLConstants.derivP2pProduction]: 'blue.derivws.com',
     [URLConstants.derivP2pStaging]   : 'red.derivws.com',
@@ -79,7 +80,62 @@ export const isOAuth2Enabled = () => {
 };
 
 export const getLogoutHandler = onWSLogoutAndRedirect => {
-    const oAuth2Logout = handlePostLogout(onWSLogoutAndRedirect);
+    const isAuthEnabled = isOAuth2Enabled();
+    let timeout;
+
+    if (!isAuthEnabled) {
+        return onWSLogoutAndRedirect;
+    }
+
+    const cleanup = () => {
+        clearTimeout(timeout);
+
+        const iframe = document.getElementById('logout-iframe');
+        if (iframe) iframe.remove();
+    };
+
+    const onMessage =  event => {
+        if (event.data === 'logout_complete') {
+            const domains = ['deriv.com', 'binary.sx', 'pages.dev', 'localhost'];
+            const currentDomain = window.location.hostname.split('.').slice(-2).join('.');
+            if (domains.includes(currentDomain)) {
+                Cookies.set('logged_state', 'false', {
+                    expires: 30,
+                    path   : '/',
+                    secure : true,
+                });
+            }
+            onWSLogoutAndRedirect();
+            window.removeEventListener('message', onMessage);
+            cleanup();
+        }
+    };
+
+    window.addEventListener('message', onMessage);
+
+    const oAuth2Logout = () => {
+        if (!isAuthEnabled) {
+            onWSLogoutAndRedirect();
+            return;
+        }
+
+        let iframe = document.getElementById('logout-iframe');
+        if (!iframe) {
+            iframe = document.createElement('iframe');
+            iframe.id = 'logout-iframe';
+            iframe.style.display = 'none';
+            document.body.appendChild(iframe);
+
+            timeout = setTimeout(() => {
+                onWSLogoutAndRedirect();
+                window.removeEventListener('message', onMessage);
+                cleanup();
+            }, LOGOUT_HANDLER_TIMEOUT);
+        }
+
+        iframe.src = getOAuthLogoutUrl();
+    };
+
     return oAuth2Logout;
 };
 

src/javascript/app/pages/callback/callback.jsx

@@ -113,6 +113,16 @@ const CallbackContainer = () => {
             }
             getElementById('loading_link').setAttribute('href', redirect_url);
 
+            const domains = ['deriv.com', 'binary.sx', 'pages.dev', 'localhost'];
+            const currentDomain = window.location.hostname.split('.').slice(-2).join('.');
+            if (domains.includes(currentDomain)) {
+                Cookies.set('logged_state', 'true', {
+                    expires: 30,
+                    path   : '/',
+                    secure : true,
+                });
+            }
+
             window.location.href = redirect_url; // need to redirect not using pjax
         });
     };