Error on logout

[H0neyBadger]

On web browser : {"error_description": null, "error": "Not allowed!"}

[maennel]

Hi,

I get the same message (trying to get OP2/RP2 with password authN running).

It is thrown here:
https://github.com/rohe/pyoidc/blob/a9b5db50c977c93a1b76e446a7340fef7c23fc87/src/oic/oic/provider.py#L463

Most probably, there's something wrong in the verification process, not returning a redirect_uri:
https://github.com/rohe/pyoidc/blob/a9b5db50c977c93a1b76e446a7340fef7c23fc87/src/oic/oic/provider.py#L417

However, I couldn't figure out yet WHAT is going wrong.

Thanks,
-Manuel

[maennel]

Hi,

I managed to get the logout work. Therefore, the following modifications were necessary:

• Add ACR_VALUES to the "endsession"-query issued by the RP
• Adapted ACR_VALUES parsing on the OP(2) (and the files inside the oic)
• Fixed session deletion (which was obviously not tested)
• Added more precise (and verbose) error messages

@rohe Feel free to have a look at my branch https://github.com/maennel/pyoidc/tree/bugfix_logout and take over code from there. I did not create a Pull Request, since I have not (yet) adapted tests and I have done other modifications that have nothing to do with "logout".

-Manuel