feat(oidc): support POST end_session_endpoint (logout) #1473

tcompiegne · 2021-12-02T09:35:50Z

leleueri

I did a quick review of the code base (I will do another hit later) but during my tests I found following issues :

when the "single sign out" is enabled, the op_id_token is present into the AM id_token, is it expected ? Until now, we filter thisi attribute
when the "single sign out" is enabled, If I call the logout endpoint using GET method and the id_token_hint parameter, the External IDP (Azure AD) rises and error. (The logout on azure work if the id_token_hint isn't provided)

leleueri · 2021-12-03T13:59:45Z

as discussed on slack, these two issues are not related to this PR.

feat(oidc): support POST end_session_endpoint (logout)

b334490

closes gravitee-io/issues#6643

tcompiegne force-pushed the issues/#6643-post-logout-endpoint branch from bd151d6 to b334490 Compare December 3, 2021 09:26

leleueri self-assigned this Dec 3, 2021

leleueri requested changes Dec 3, 2021

View reviewed changes

leleueri approved these changes Dec 6, 2021

View reviewed changes

leleueri merged commit e22039c into 3.10.x Dec 6, 2021

leleueri deleted the issues/#6643-post-logout-endpoint branch December 6, 2021 09:49

Provide feedback