From 80c748820a94c28fa6c5dcf14bb4ab1682c3d1ad Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20P=C3=A9ters?=
Date: Thu, 16 Jun 2016 16:13:04 +0200
Subject: [PATCH] misc: force another auth.logout() after coming back from the IdP (#11394)
---
 mellon/views.py | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/mellon/views.py b/mellon/views.py
index 7bab9a3..49cad32 100644
--- a/mellon/views.py
+++ b/mellon/views.py
@@ -421,6 +421,10 @@ class LogoutView(ProfileMixin, LogMixin, View):
 def sp_logout_response(self, request):
 '''Launch a logout request to the identity provider'''
 self.profile = logout = utils.create_logout(request)
+ # the user shouldn't be logged anymore at this point but it may happen
+ # that a concurrent SSO happened in the meantime, so we do another
+ # logout to make sure.
+ auth.logout(request)
 try:
 logout.processResponseMsg(request.META['QUERY_STRING'])
 except lasso.LogoutPartialLogoutError:
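Review bot: The added `auth.logout(request)` runs before `logout.processResponseMsg(...)` has checked the IdP's message, so any request that reaches `sp_logout_response` ends the local session whether or not the logout response is authentic. Failing closed is a defensible choice for a logout endpoint, but the comment should say the ordering is deliberate, for example by appending `# done before the response is validated on purpose: the local session ends even if the IdP message is rejected`. Django's logout flushes the session, so it is worth confirming that nothing later in the function still reads session data such as a return URL; the body continues past the `except` line, outside the hunk. Because the comment describes a case that "shouldn't" happen, a log line when the user is still authenticated at this point would make the concurrent-SSO race visible to operators instead of silently discarding the new session.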