Added OpenID Connect logout URL to all IDAs and the IDA template (#3133)

ECOM-4609

playbooks/roles/ansible-role-django-ida/templates/defaults/main.yml.j2

@@ -43,6 +43,7 @@
 {{ role_name|upper }}_DJANGO_SETTINGS_MODULE: "{{ role_name }}.settings.production"
 {{ role_name|upper }}_URL_ROOT: 'http://{{ role_name }}:18{{ port_suffix }}'
 {{ role_name|upper }}_OAUTH_URL_ROOT: '{{ EDXAPP_LMS_ISSUER | default("http://127.0.0.1:8000/oauth2") }}'
+{{ role_name|upper }}_OIDC_LOGOUT_URL: '{{ EDXAPP_LMS_ROOT_URL | default("http://127.0.0.1:8000") }}/logout'
 
 {{ role_name|upper }}_SECRET_KEY: 'Your secret key here'
 {{ role_name|upper }}_TIME_ZONE: 'UTC'
@@ -65,6 +66,7 @@
   SOCIAL_AUTH_EDX_OIDC_ID_TOKEN_DECRYPTION_KEY: '{{ '{{' }} {{ role_name|upper }}_SOCIAL_AUTH_EDX_OIDC_SECRET }}'
   SOCIAL_AUTH_EDX_OIDC_URL_ROOT: '{{ '{{' }} {{ role_name|upper }}_OAUTH_URL_ROOT }}'
   SOCIAL_AUTH_REDIRECT_IS_HTTPS: '{{ '{{' }} {{ role_name|upper }}_SOCIAL_AUTH_REDIRECT_IS_HTTPS }}'
+  SOCIAL_AUTH_EDX_OIDC_LOGOUT_URL: '{{ '{{' }} {{ role_name|upper }}_OIDC_LOGOUT_URL }}'
 
   STATIC_ROOT: "{{ '{{' }} COMMON_DATA_DIR }}/{{ '{{' }} {{ role_name }}_service_name }}/staticfiles"
   # db config

playbooks/roles/credentials/defaults/main.yml

@@ -49,6 +49,7 @@ CREDENTIALS_DJANGO_SETTINGS_MODULE: "credentials.settings.production"
 CREDENTIALS_DOMAIN: 'credentials'
 CREDENTIALS_URL_ROOT: 'http://{{ CREDENTIALS_DOMAIN }}:18150'
 CREDENTIALS_OAUTH_URL_ROOT: '{{ EDXAPP_LMS_ROOT_URL | default("http://127.0.0.1:8000") }}/oauth2'
+CREDENTIALS_OIDC_LOGOUT_URL: '{{ EDXAPP_LMS_ROOT_URL | default("http://127.0.0.1:8000") }}/logout'
 
 CREDENTIALS_SECRET_KEY: 'SET-ME-TO-A-UNIQUE-LONG-RANDOM-STRING'
 CREDENTIALS_TIME_ZONE: 'UTC'
@@ -161,6 +162,7 @@ CREDENTIALS_SERVICE_CONFIG:
   SOCIAL_AUTH_EDX_OIDC_ID_TOKEN_DECRYPTION_KEY: '{{ CREDENTIALS_SOCIAL_AUTH_EDX_OIDC_SECRET }}'
   SOCIAL_AUTH_EDX_OIDC_URL_ROOT: '{{ CREDENTIALS_OAUTH_URL_ROOT }}'
   SOCIAL_AUTH_REDIRECT_IS_HTTPS: '{{ CREDENTIALS_SOCIAL_AUTH_REDIRECT_IS_HTTPS }}'
+  SOCIAL_AUTH_EDX_OIDC_LOGOUT_URL: '{{ CREDENTIALS_OIDC_LOGOUT_URL }}'
 
   # db config
   DATABASE_OPTIONS:

playbooks/roles/discovery/defaults/main.yml

@@ -55,6 +55,7 @@ DISCOVERY_VERSION: "master"
 DISCOVERY_DJANGO_SETTINGS_MODULE: "course_discovery.settings.production"
 DISCOVERY_URL_ROOT: 'http://discovery:18381'
 DISCOVERY_OAUTH_URL_ROOT: '{{ EDXAPP_LMS_ROOT_URL | default("http://127.0.0.1:8000") }}/oauth2'
+DISCOVERY_OIDC_LOGOUT_URL: '{{ EDXAPP_LMS_ROOT_URL | default("http://127.0.0.1:8000") }}/logout'
 
 DISCOVERY_EDX_DRF_EXTENSIONS:
   OAUTH2_USER_INFO_URL: '{{ DISCOVERY_OAUTH_URL_ROOT }}/user_info'
@@ -92,6 +93,7 @@ DISCOVERY_SERVICE_CONFIG:
   SOCIAL_AUTH_EDX_OIDC_ID_TOKEN_DECRYPTION_KEY: '{{ DISCOVERY_SOCIAL_AUTH_EDX_OIDC_SECRET }}'
   SOCIAL_AUTH_EDX_OIDC_URL_ROOT: '{{ DISCOVERY_OAUTH_URL_ROOT }}'
   SOCIAL_AUTH_REDIRECT_IS_HTTPS: '{{ DISCOVERY_SOCIAL_AUTH_REDIRECT_IS_HTTPS }}'
+  SOCIAL_AUTH_EDX_OIDC_LOGOUT_URL: '{{ DISCOVERY_OIDC_LOGOUT_URL }}'
 
   STATIC_ROOT: "{{ COMMON_DATA_DIR }}/{{ discovery_service_name }}/staticfiles"
   # db config

playbooks/roles/ecommerce/defaults/main.yml

@@ -157,6 +157,7 @@ ECOMMERCE_SERVICE_CONFIG:
   SOCIAL_AUTH_EDX_OIDC_SECRET: '{{ ECOMMERCE_SOCIAL_AUTH_EDX_OIDC_SECRET }}'
   SOCIAL_AUTH_EDX_OIDC_ID_TOKEN_DECRYPTION_KEY: '{{ ECOMMERCE_SOCIAL_AUTH_EDX_OIDC_SECRET }}'
   SOCIAL_AUTH_EDX_OIDC_URL_ROOT: '{{ ECOMMERCE_LMS_URL_ROOT }}/oauth2'
+  SOCIAL_AUTH_EDX_OIDC_LOGOUT_URL: '{{ ECOMMERCE_LMS_URL_ROOT }}/logout'
   SOCIAL_AUTH_REDIRECT_IS_HTTPS: '{{ ECOMMERCE_SOCIAL_AUTH_REDIRECT_IS_HTTPS }}'
   SEGMENT_KEY: '{{ ECOMMERCE_SEGMENT_KEY }}'
   AFFILIATE_COOKIE_KEY: '{{ ECOMMERCE_AFFILIATE_COOKIE_NAME }}'

playbooks/roles/insights/defaults/main.yml

@@ -25,6 +25,7 @@ INSIGHTS_SUPPORT_EMAIL: ''
 INSIGHTS_CMS_COURSE_SHORTCUT_BASE_URL: '{{ INSIGHTS_LMS_BASE }}/course'
 INSIGHTS_OAUTH2_SECRET: 'secret'
 INSIGHTS_OAUTH2_URL_ROOT: '{{ INSIGHTS_LMS_BASE }}/oauth2'
+INSIGHTS_OIDC_LOGOUT_URL: '{{ INSIGHTS_LMS_BASE }}/logout'
 INSIGHTS_OAUTH2_APP_CLIENT_NAME: insights
 INSIGHTS_OAUTH2_APP_USERNAME: staff
 INSIGHTS_OAUTH2_APP_COMPLETE_URL: '{{ INSIGHTS_BASE_URL }}/complete/edx-oidc/'
@@ -87,6 +88,7 @@ INSIGHTS_CONFIG:
   SOCIAL_AUTH_EDX_OIDC_KEY: '{{ INSIGHTS_OAUTH2_KEY }}'
   SOCIAL_AUTH_EDX_OIDC_SECRET: '{{ INSIGHTS_OAUTH2_SECRET }}'
   SOCIAL_AUTH_EDX_OIDC_URL_ROOT: '{{ INSIGHTS_OAUTH2_URL_ROOT }}'
+  SOCIAL_AUTH_EDX_OIDC_LOGOUT_URL: '{{ INSIGHTS_OIDC_LOGOUT_URL }}'
   # This value should be the same as SOCIAL_AUTH_EDX_OIDC_SECRET
   SOCIAL_AUTH_EDX_OIDC_ID_TOKEN_DECRYPTION_KEY: '{{ INSIGHTS_OAUTH2_SECRET }}'
   ENABLE_AUTO_AUTH: '{{ INSIGHTS_ENABLE_AUTO_AUTH }}'

playbooks/roles/programs/defaults/main.yml

@@ -48,6 +48,7 @@ PROGRAMS_SOCIAL_AUTH_EDX_OIDC_KEY : 'programs-key'
 PROGRAMS_SOCIAL_AUTH_EDX_OIDC_SECRET : 'programs-secret'
 PROGRAMS_SOCIAL_AUTH_REDIRECT_IS_HTTPS: false
 PROGRAMS_SOCIAL_AUTH_EDX_OIDC_URL_ROOT: '{{ PROGRAMS_LMS_URL_ROOT }}/oauth2'
+PROGRAMS_SOCIAL_AUTH_EDX_OIDC_LOGOUT_URL: '{{ PROGRAMS_LMS_URL_ROOT }}/logout'
 
 PROGRAMS_PLATFORM_NAME: 'Your Platform Name Here'
 
@@ -103,6 +104,7 @@ PROGRAMS_SERVICE_CONFIG:
   SOCIAL_AUTH_EDX_OIDC_SECRET: '{{ PROGRAMS_SOCIAL_AUTH_EDX_OIDC_SECRET }}'
   SOCIAL_AUTH_EDX_OIDC_ID_TOKEN_DECRYPTION_KEY: '{{ PROGRAMS_SOCIAL_AUTH_EDX_OIDC_SECRET }}'
   SOCIAL_AUTH_EDX_OIDC_URL_ROOT: '{{ PROGRAMS_SOCIAL_AUTH_EDX_OIDC_URL_ROOT }}'
+  SOCIAL_AUTH_EDX_OIDC_LOGOUT_URL: '{{ PROGRAMS_SOCIAL_AUTH_EDX_OIDC_LOGOUT_URL }}'
   SOCIAL_AUTH_REDIRECT_IS_HTTPS: '{{ PROGRAMS_SOCIAL_AUTH_REDIRECT_IS_HTTPS }}'
 
   STATIC_ROOT: '{{ PROGRAMS_DATA_DIR }}/staticfiles'