Allow unrestricted access to the logout endpoint

Gcolon021 · Gcolon021 · commit 6e21b1518fb2 · 2024-09-18T09:43:51.000-04:00
Added "/logout" to the list of permitted endpoints in SecurityConfig. This ensures that users can log out without requiring authentication.
diff --git a/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/config/SecurityConfig.java b/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/config/SecurityConfig.java
@@ -60,7 +60,8 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
                                     "/swagger.json",
                                     "/user/me/queryTemplate",
                                     "/user/me/queryTemplate/**",
-                                    "/open/validate"
+                                    "/open/validate",
+                                    "/logout"
                             ).permitAll()
                             .anyRequest().authenticated()
                 )
