add /logout path to delete cookies (#8)

proxy/logoutHandler.go

@@ -0,0 +1,19 @@
+package proxy
+
+import (
+	_ "embed" //embed web resources for login page
+	"fmt"
+	"net/http"
+)
+
+// logoutGetHandler delete auth cookies
+func logoutGetHandler(w http.ResponseWriter, r *http.Request) {
+
+	// Call token cookie deletion helper
+	err := deleteTokenCookie(w, r)
+	if err != nil {
+		fmt.Printf("deleting token cookie: %s\n", err)
+		w.WriteHeader(http.StatusInternalServerError)
+		return
+	}
+}

proxy/server.go

@@ -17,6 +17,7 @@ func Server(loginURL, guestClusterName, proxyURL string) error {
 	r.HandleFunc("/*", proxyHandler(proxyURL))
 	r.Get("/login", loginGetHandler)
 	r.Post("/login", loginPostHandler(loginURL, guestClusterName))
+	r.Get("/logout", logoutGetHandler)
 
 	// Serve requests
 	return http.ListenAndServe(":8080", r)

proxy/tokenHelpers.go

@@ -6,6 +6,7 @@ import (
 	"errors"
 	"fmt"
 	"net/http"
+	"regexp"
 	"strconv"
 	"strings"
 	"time"
@@ -55,6 +56,27 @@ func getTokenCookie(r *http.Request) (string, error) {
 	return token, nil
 }
 
+func deleteTokenCookie(w http.ResponseWriter, r *http.Request) error {
+
+	// Delete proxy_auth_token_parts cookie
+	http.SetCookie(w, &http.Cookie{Name: "proxy_auth_token_parts", Value: "", MaxAge: 0})
+
+	// Compile regex to extract token parts cookies
+	cookieRegex, err := regexp.Compile("proxy_auth_token_.*")
+	if err != nil {
+		return fmt.Errorf("compiling proxy auth token regex: %s\n", err)
+	}
+
+	// List token parts cookies
+	for _, cookie := range r.Cookies() {
+		if cookieRegex.MatchString(cookie.Name) {
+			http.SetCookie(w, &http.Cookie{Name: cookie.Name, Value: "", MaxAge: 0})
+		}
+	}
+
+	return nil
+}
+
 // tokenExpired checks if JWT token is expired
 func tokenExpired(rawToken string) (bool, error) {
 	// Split Header/Payload/Signature parts of JWT token