From a173048df11429dc377570a35f2aa10c3b34f9cc Mon Sep 17 00:00:00 2001
From: Slavek Kabrda <bkabrda@redhat.com>
Date: Feb 28 2018 13:53:49 +0000
Subject: Fix oidc logout with admin_session_timedout


We need to make sure that values set by our oidc logic on flask.g and
flask.session are reset on logout.

Without this, the oidc login machinery will wrongly reconstruct
flask.f.fas_user, thus triggering an endless redirect loop
between oidc provider and Pagure server.

---

diff --git a/pagure/flask_app.py b/pagure/flask_app.py
index 935f167..5ee403a 100644
--- a/pagure/flask_app.py
+++ b/pagure/flask_app.py
@@ -207,8 +207,8 @@ def logout():
             from pagure.ui.fas_login import FAS
             FAS.logout()
     elif auth == 'oidc':
-        from pagure.ui.oidc_login import oidc
-        oidc.logout()
+        from pagure.ui.oidc_login import oidc_logout
+        oidc_logout()
     elif auth == 'local':
         import pagure.ui.login as login
         login.logout()
diff --git a/pagure/ui/oidc_login.py b/pagure/ui/oidc_login.py
index d110185..72f1068 100644
--- a/pagure/ui/oidc_login.py
+++ b/pagure/ui/oidc_login.py
@@ -129,3 +129,9 @@ def set_user():
         # Ensure the user is logged out if we cannot set them up
         # correctly
         logout()
+
+
+def oidc_logout():
+    flask.g.fas_user = None
+    del flask.session['oidc_logintime']
+    oidc.logout()