proxyauth: send user to oidc login instead of /login

src/proxyauth.js

@@ -12,6 +12,7 @@ const apps = require('./apps.js'),
     basicAuth = require('basic-auth'),
     blobs = require('./blobs.js'),
     constants = require('./constants.js'),
+    dashboard = require('./dashboard.js'),
     debug = require('debug')('box:proxyAuth'),
     express = require('express'),
     hat = require('./hat.js'),
@@ -150,9 +151,12 @@ async function logout(req, res, next) {
 
     res.clearCookie('authToken');
 
+    const oidcProviderFqdn = (await dashboard.getLocation()).fqdn;
+    const oidcLoginURI = `https://${oidcProviderFqdn}/openid/auth?client_id=${app.id}&scope=openid profile email&response_type=code&redirect_uri=https://${app.fqdn}/callback`;
+
     // when we have no path, redirect to the login page. we cannot redirect to '/' because browsers will immediately serve up the cached page
     // if a path is set, we can assume '/' is a public page
-    res.redirect(302, app.manifest.addons.proxyAuth.path ? '/' : '/login');
+    res.redirect(302, app.manifest.addons.proxyAuth.path ? '/' : oidcLoginURI);
 }
 
 // provides webhooks for the auth wall