New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add logoutredirect URL to oauth-proxy #176
add logoutredirect URL to oauth-proxy #176
Conversation
/lgtm |
/hold just want to hold for manual testing before we commit. |
/hold This proved the concept, but it may make more sense to accept a redirect URL as a query param alongside a CSRF token of some kind. I think I see this happening for the github logout. I suppose it is possible to provide the other option at some point in the future. I'm not familiar enough with browser repercussions to make the choice for a query param without research. |
The options for exposure are...
We should go with option 1 |
/hold cancel |
This can wait until after 4.5. |
LGTM. What is the value we should us or how may we discover the correct one? |
I think you have to have a way to accept user input into your operator. We’ve found these sign out URLs for commonly used IdPs: |
Sgtm. |
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: deads2k, stlaz The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/hold |
Master is open again. /hold cancel |
/retest Please review the full test history for this PR and help us cut down flakes. |
3 similar comments
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
1 similar comment
/retest Please review the full test history for this PR and help us cut down flakes. |
Adds
-logout-url=url-to-log-out-of-sso
to be peer to https://github.com/openshift/api/blob/master/config/v1/types_console.go#L50-L63I think this is logically comparable to https://github.com/openshift/console/blob/4efd97f82f824f56da6a1a627dbbd9d677ba9b63/frontend/public/module/auth.js#L72-L80
/assign @stlaz
/cc @jcantrill
The options for exposure are...
We should go with option 1