Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

/oauth2/sign_out end point should redirect the user to the providers end_session_endpoint by default #2372

Closed
9876691 opened this issue Dec 31, 2023 · 3 comments
Closed

/oauth2/sign_out end point should redirect the user to the providers end_session_endpoint by default #2372

9876691 opened this issue Dec 31, 2023 · 3 comments
Labels
Stale

Comments

@9876691
Copy link

9876691 commented Dec 31, 2023
edited
Loading

Expected Behavior

When I refer the user to /oauth2/sign_out then after oauth2 proxy deletes it's cookies it would be great if we redirect the user to the end session end point. end_session_endpoint

Also, perhaps we shouldn't need to add the URL to a whitelist, as it's already defined in the openid configuration.

Current Behavior

Currently my application needs to know the end session endpoint and include that in the rd redirect parameter. I also have to manage a white list.

Apart from that my app is unaware of the OIDC config.

Possible Solution

If I don't supply the rd redirect then perhaps forward the user to the end_session_endpoint by default?

I'm not sure of the consequences of this for other users, but for me this would have saved some time figuring out the sign out mechanism.

Context

Currently we will have to build code to pass the end_session_endpoint into the app, then add this to an rd parameter.

But the config already exists in Oauth2 so it seems a shame not to use it.
@9876691 9876691 mentioned this issue Dec 31, 2023
Closed
10 tasks
@9876691 9876691 changed the title /oath2/sign-out end point should redirect the user to the providers end session end point by default /oath2/sign-out end point should redirect the user to the providers end_session_endpoint by default Dec 31, 2023
@9876691 9876691 changed the title /oath2/sign-out end point should redirect the user to the providers end_session_endpoint by default /oath2/sign_out end point should redirect the user to the providers end_session_endpoint by default Dec 31, 2023
@9876691 9876691 changed the title /oath2/sign_out end point should redirect the user to the providers end_session_endpoint by default /oauth2/sign_out end point should redirect the user to the providers end_session_endpoint by default Dec 31, 2023
@9876691 9876691 mentioned this issue Jan 1, 2024
Closed
@robertsmaoui
Copy link

@tomtaylor @dhowden

@JoelSpeed
Copy link
Member

Does the recently merged #1876 help here at all?

@github-actions GitHub Actions
Copy link
Contributor

This issue has been inactive for 60 days. If the issue is still relevant please comment to re-activate the issue. If no action is taken within 7 days, the issue will be marked closed.

@github-actions github-actions bot added the Stale label Apr 22, 2024
@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale May 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Stale
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@9876691 @robertsmaoui @JoelSpeed