OIDC: disable multi session signout for OIDC-aware servers in session manager (#11431)

* util for account url * test cases * disable multi session selection on device list * remove sign out all from context menus when oidc-aware * comment * remove unused param * typo
2023-08-22 14:25:34 +12:00 · 2023-08-22 14:25:34 +12:00 · dfded8d4d3
commit dfded8d4d3
parent 3c52ba0c92
9 changed files with 362 additions and 61 deletions
--- a/src/components/views/settings/tabs/user/SessionManagerTab.tsx
+++ b/src/components/views/settings/tabs/user/SessionManagerTab.tsx
@ -39,6 +39,7 @@ import QuestionDialog from "../../../dialogs/QuestionDialog";
 import { FilterVariation } from "../../devices/filter";
 import { OtherSessionsSectionHeading } from "../../devices/OtherSessionsSectionHeading";
 import { SettingsSection } from "../../shared/SettingsSection";
+import { getDelegatedAuthAccountUrl } from "../../../../../utils/oidc/getDelegatedAuthAccountUrl";

 const confirmSignOut = async (sessionsToSignOutCount: number): Promise<boolean> => {
    const { finished } = Modal.createDialog(QuestionDialog, {
@ -130,6 +131,14 @@ const SessionManagerTab: React.FC = () => {
    const scrollIntoViewTimeoutRef = useRef<number>();

    const matrixClient = useContext(MatrixClientContext);
+    /**
+     * If we have a delegated auth account management URL, all sessions but the current session need to be managed in the
+     * delegated auth provider.
+     * See https://github.com/matrix-org/matrix-spec-proposals/pull/3824
+     */
+    const delegatedAuthAccountUrl = getDelegatedAuthAccountUrl(matrixClient.getClientWellKnown());
+    const disableMultipleSignout = !!delegatedAuthAccountUrl;
+
    const userId = matrixClient?.getUserId();
    const currentUserMember = (userId && matrixClient?.getUser(userId)) || undefined;
    const clientVersions = useAsyncMemo(() => matrixClient.getVersions(), [matrixClient]);
@ -205,11 +214,12 @@ const SessionManagerTab: React.FC = () => {
        setSelectedDeviceIds([]);
    }, [filter, setSelectedDeviceIds]);

-    const signOutAllOtherSessions = shouldShowOtherSessions
-        ? () => {
-              onSignOutOtherDevices(Object.keys(otherDevices));
-          }
-        : undefined;
+    const signOutAllOtherSessions =
+        shouldShowOtherSessions && !disableMultipleSignout
+            ? () => {
+                  onSignOutOtherDevices(Object.keys(otherDevices));
+              }
+            : undefined;

    const [signInWithQrMode, setSignInWithQrMode] = useState<Mode | null>();

@ -250,7 +260,7 @@ const SessionManagerTab: React.FC = () => {
                        heading={
                            <OtherSessionsSectionHeading
                                otherSessionsCount={otherSessionsCount}
-                                signOutAllOtherSessions={signOutAllOtherSessions!}
+                                signOutAllOtherSessions={signOutAllOtherSessions}
                                disabled={!!signingOutDeviceIds.length}
                            />
                        }
@ -280,6 +290,7 @@ const SessionManagerTab: React.FC = () => {
                            setPushNotifications={setPushNotifications}
                            ref={filteredDeviceListRef}
                            supportsMSC3881={supportsMSC3881}
+                            disableMultipleSignout={disableMultipleSignout}
                        />
                    </SettingsSubsection>
                )}