From b63b8325bf0f7cb9f714b0876d4fb9dfc83b7283 Mon Sep 17 00:00:00 2001
From: Douglas Hall <dhall@edx.org>
Date: Thu, 25 Oct 2018 15:10:03 -0400
Subject: [PATCH] Allow for logout redirect with EdXOAuth2 backend.

---
 auth_backends/__init__.py            |  2 +-
 auth_backends/backends.py            | 13 ++++++++++++-
 auth_backends/tests/test_backends.py | 13 ++++++++++++-
 3 files changed, 25 insertions(+), 3 deletions(-)

diff --git a/auth_backends/__init__.py b/auth_backends/__init__.py
index 0d1d43d7..67a06d06 100644
--- a/auth_backends/__init__.py
+++ b/auth_backends/__init__.py
@@ -3,4 +3,4 @@
  These package is designed to be used primarily with Open edX Django projects, but should be compatible with non-edX
  projects as well.
 """
-__version__ = '1.1.5'  # pragma: no cover
+__version__ = '1.2.0'  # pragma: no cover
diff --git a/auth_backends/backends.py b/auth_backends/backends.py
index a6d4721a..b0d3b86e 100644
--- a/auth_backends/backends.py
+++ b/auth_backends/backends.py
@@ -244,7 +244,18 @@ class EdXOAuth2(EdXBackendMixin, BaseOAuth2):
 
     @property
     def logout_url(self):
-        return self.end_session_url()
+        params = {
+            'client_id': self.setting('KEY'),
+        }
+
+        redirect_url = self.setting('LOGOUT_REDIRECT_URL')
+        if redirect_url:
+            params.update({'redirect_url': redirect_url})
+
+        return '{}?{}'.format(
+            self.end_session_url(),
+            six.moves.urllib.parse.urlencode(params),
+        )
 
     def authorization_url(self):
         return '{}/oauth2/authorize'.format(self.setting('URL_ROOT'))
diff --git a/auth_backends/tests/test_backends.py b/auth_backends/tests/test_backends.py
index 3fdeb479..c08728e8 100644
--- a/auth_backends/tests/test_backends.py
+++ b/auth_backends/tests/test_backends.py
@@ -181,6 +181,7 @@ class EdXOAuth2Tests(OAuth2Test):
     client_secret = 'a-secret-key'
     expected_username = 'jsmith'
     url_root = 'https://example.com'
+    logout_redirect_url = 'https://example.com/logout_redirect'
 
     def setUp(self):
         cache.clear()
@@ -243,6 +244,7 @@ def extra_settings(self):
             'SOCIAL_AUTH_{0}_KEY'.format(self.name): self.client_key,
             'SOCIAL_AUTH_{0}_SECRET'.format(self.name): self.client_secret,
             'SOCIAL_AUTH_{0}_URL_ROOT'.format(self.name): self.url_root,
+            'SOCIAL_AUTH_{0}_LOGOUT_REDIRECT_URL'.format(self.name): self.logout_redirect_url,
         })
         return settings
 
@@ -254,7 +256,16 @@ def test_partial_pipeline(self):
 
     def test_logout_url(self):
         """ The property should return the provider's logout URL. """
-        self.assertEqual(self.backend.logout_url, '{}/logout'.format(self.url_root))
+        self.assertEqual(
+            self.backend.logout_url,
+            '{}/logout?{}'.format(
+                self.url_root,
+                six.moves.urllib.parse.urlencode({
+                    'client_id': self.client_key,
+                    'redirect_url': self.logout_redirect_url,
+                })
+            )
+        )
 
     def test_end_session_url(self):
         """ The method should return the provider's logout URL. """