Logout from Chamilo redirects to OAuth2 server logout URL - refs BT#16734

main/inc/lib/online.inc.php

@@ -182,8 +182,10 @@ function online_logout($user_id = null, $logout_redirect = false)
         if (!isset($oAuth2Plugin)) {
             $oAuth2Plugin = OAuth2::create();
         }
-        $accessToken = new \League\OAuth2\Client\Token\AccessToken(ChamiloSession::read('oauth2AccessToken'));
-        $oAuth2Plugin->logout($accessToken->getToken());
+        $logoutUrl = $oAuth2Plugin->getLogoutUrl();
+        if (!empty($logoutUrl)) {
+            $url = $logoutUrl;
+        }
     }
 
     api_delete_firstpage_parameter();

plugin/oauth2/lang/english.php

@@ -88,7 +88,7 @@ There can be more than one <code>*</code> in this key expression.
 </ul>';
 
 $strings['logout_url'] = 'Logout URL';
-$strings['logout_url_help'] = 'If this URL is set, the OAuth2 token will be POSTed to it at user logout.';
+$strings['logout_url_help'] = 'If set, the user agent will be redirected to this URL at logout.';
 
 $strings['block_name'] = 'Block name';
 $strings['block_name_help'] = 'The title shown above the <em>OAuth2</em> Login button';

plugin/oauth2/src/OAuth2.php

@@ -363,12 +363,9 @@ class OAuth2 extends Plugin
         return api_get_path(WEB_PLUGIN_PATH).$this->get_name().'/src/callback.php';
     }
 
-    public function logout($token)
+    public function getLogoutUrl()
     {
-        $url = $this->get(self::SETTING_LOGOUT_URL);
-        if ($url) {
-            (new GuzzleHttp\Client())->post($url, [ 'body' => $token ]);
-        }
+        return $this->get(self::SETTING_LOGOUT_URL);
     }
 
     /**