Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: propagate logout to identity provider #3596

Merged
merged 7 commits into from
Aug 14, 2023
Merged

feat: propagate logout to identity provider #3596

merged 7 commits into from
Aug 14, 2023

Conversation

hperl
Copy link
Contributor

@hperl hperl commented Aug 4, 2023

If the user logs out of Hydra, we want to propagate this to a connected Ory Kratos instance so that the user is also logged out there.

Related issue(s)

Part of https://github.com/ory-corp/cloud/issues/5038

Checklist

  • I have read the contributing guidelines.
  • I have referenced an issue containing the design document if my change
    introduces a new feature.
  • I am following the
    contributing code guidelines.
  • I have read the security policy.
  • I confirm that this pull request does not address a security
    vulnerability. If this pull request addresses a security vulnerability, I
    confirm that I got the approval (please contact
    security@ory.sh) from the maintainers to push
    the changes.
  • I have added tests that prove my fix is effective or that my feature
    works.
  • I have added or changed the documentation.

Further Comments

@hperl hperl requested a review from aeneasr as a code owner August 4, 2023 12:08
@hperl hperl marked this pull request as draft August 4, 2023 12:09
hperl
hperl commented Aug 4, 2023
View reviewed changes
driver/registry_base.go Outdated Show resolved Hide resolved
hperl
hperl commented Aug 4, 2023
View reviewed changes
consent/strategy_default.go Outdated Show resolved Hide resolved
@hperl hperl force-pushed the logout-notify-idp branch 4 times, most recently from 017859b to bf7b3ef Compare August 10, 2023 10:51
@hperl hperl mentioned this pull request Aug 10, 2023
Merged
7 tasks
@hperl hperl requested review from alnr and jonas-jonas August 10, 2023 11:53
@hperl hperl marked this pull request as ready for review August 10, 2023 11:53
jonas-jonas
jonas-jonas previously approved these changes Aug 10, 2023
View reviewed changes
flow/consent_types.go Outdated Show resolved Hide resolved
alnr
alnr reviewed Aug 10, 2023
View reviewed changes
flow/consent_types.go Outdated Show resolved Hide resolved
alnr
alnr reviewed Aug 10, 2023
View reviewed changes
consent/strategy_default.go Outdated Show resolved Hide resolved
@codecov
Copy link

codecov bot commented Aug 10, 2023
edited
Loading

Codecov Report

Merging #3596 (5704640) into master (1d73d83) will increase coverage by 0.03%.
Report is 1 commits behind head on master.
The diff coverage is n/a.

❗ Current head 5704640 differs from pull request most recent head 0a241c5. Consider uploading reports for the commit 0a241c5 to get more accurate results

@@            Coverage Diff             @@
##           master    #3596      +/-   ##
==========================================
+ Coverage   76.26%   76.29%   +0.03%     
==========================================
  Files         132      132              
  Lines        9930     9974      +44     
==========================================
+ Hits         7573     7610      +37     
- Misses       1840     1845       +5     
- Partials      517      519       +2

see 11 files with indirect coverage changes

@hperl hperl requested review from alnr and jonas-jonas August 10, 2023 14:09
@hperl
feat: propagate logout to identity provider
f21381f 
This commit improves the integration between Hydra and Kratos when logging
out the user.

This adds a new configuration key for configuring a Kratos admin URL.
Additionally, Kratos can send a session ID when accepting a login request.
If a session ID was specified and a Kratos admin URL was configured,
Hydra will disable the corresponding Kratos session through the admin API
if a frontchannel or backchannel logout was triggered.
@hperl
fix: add special case for MySQL
4649f4d
@hperl hperl self-assigned this Aug 10, 2023
alnr
alnr previously approved these changes Aug 11, 2023
View reviewed changes
aeneasr
aeneasr requested changes Aug 14, 2023
View reviewed changes
Copy link
Member

@aeneasr aeneasr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice! Few things:

  • naming (config, api, db)
  • test for migration
  • ConfirmLoginSession does not set login session id correctly+

consent/strategy_default.go Show resolved Hide resolved
driver/config/provider.go Outdated Show resolved Hide resolved
flow/consent_types.go Outdated Show resolved Hide resolved
flow/flow.go Outdated Show resolved Hide resolved
persistence/sql/migrations/20230809122501000001_add_kratos_session_id.up.sql Outdated Show resolved Hide resolved
persistence/sql/persister_consent.go Outdated Show resolved Hide resolved
persistence/sql/persister_consent.go Outdated Show resolved Hide resolved
@hperl hperl requested a review from aeneasr August 14, 2023 10:04
@hperl hperl merged commit c004fee into master Aug 14, 2023
28 checks passed
@hperl hperl deleted the logout-notify-idp branch August 14, 2023 10:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kmherrmann kmherrmann kmherrmann left review comments

@aeneasr aeneasr aeneasr approved these changes

@alnr alnr alnr left review comments

@jonas-jonas jonas-jonas Awaiting requested review from jonas-jonas

Assignees

@hperl hperl

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@hperl @aeneasr @alnr @jonas-jonas @kmherrmann