Geo: Single Sign Out
When a user on a Geo (#76) secondary node clicks the sign out button, we only sign the user out on the secondary node. This is a bit confusing because the user is redirected to the primary node, which looks the same without any visible clue.
This is also problematic when GitLab requires authentication: when you visit a Geo secondary node, you get redirected to the primary, and if you are already logged in there, you get redirected back to the secondary and get logged in.
Proposal
When we log out the user from a secondary node, we should redirect them back to a specific location on the primary node, where we will log them out from that node too.
To prevent a CSRF logging out the user, we can include a salt and generate an HMAC based on the current user access token (this logic is similar to how we sign the `return_to` we send via `state` in the authorization request).
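
A sketch of the salted HMAC check proposed above, added here as an example and not GitLab's own code. The module name, the `salt:mac` state format, the `/geo/logout` path and the use of the access token as the HMAC key are assumptions made for illustration.

```ruby
require 'openssl'
require 'securerandom'
require 'uri'

# Hypothetical helper (not part of GitLab): signs and verifies the logout
# "state" passed from a Geo secondary to the primary.
module GeoLogoutState
  module_function

  # HMAC-SHA256 over the salt, keyed with the user's access token, so only a
  # party that holds the token can produce a valid state.
  def sign(access_token, salt)
    OpenSSL::HMAC.hexdigest('SHA256', access_token, salt)
  end

  # Secondary side: fresh random salt per logout, serialized as "salt:mac".
  # The salt makes each state distinct; it does not by itself stop replay
  # of a captured URL while the token is still valid.
  def build(access_token)
    salt = SecureRandom.hex(16)
    "#{salt}:#{sign(access_token, salt)}"
  end

  # Secondary side: redirect target on the primary (path is an assumption).
  def logout_url(primary_base, access_token)
    "#{primary_base}/geo/logout?" +
      URI.encode_www_form(state: build(access_token))
  end

  # Primary side: recompute the MAC with the token it issued for the
  # signed-in user and compare in constant time. A forged cross-site
  # request fails here because the attacker does not know the token.
  def valid?(state, access_token)
    salt, mac = state.to_s.split(':', 2)
    return false if salt.nil? || salt.empty? || mac.nil?

    expected = sign(access_token, salt)
    return false unless expected.bytesize == mac.bytesize

    expected.bytes.zip(mac.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
  end
end

if __FILE__ == $PROGRAM_NAME
  token = 'constructed-access-token' # constructed sample value
  puts GeoLogoutState.logout_url('https://primary.example.com', token)
end
```

The primary should sign the user out only when `valid?` returns true, and otherwise leave the session untouched.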