-
-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: endpoint to delete login session by session id #2876
Conversation
eaa7ab5
to
5187c19
Compare
5187c19
to
a7011fc
Compare
89b26f5
to
624997a
Compare
Codecov Report
@@ Coverage Diff @@
## master #2876 +/- ##
==========================================
+ Coverage 76.85% 76.90% +0.04%
==========================================
Files 124 124
Lines 9164 9183 +19
==========================================
+ Hits 7043 7062 +19
Misses 1672 1672
Partials 449 449
... and 2 files with indirect coverage changes Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. |
706e11d
to
66dd1d1
Compare
1947271
to
610851c
Compare
610851c
to
8fe10c9
Compare
921f258
to
af42dee
Compare
af42dee
to
8cb6323
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🙏
Code looks good, but there are conflicts with master. Rebasing and regenerating the SDKs probably is enough to fix it! |
7765091
to
976f40b
Compare
1b30b54
to
ed7b4fa
Compare
@aeneasr aside from being out of date with master, is there anything holding this body of work back? |
99e6fe4
to
6d362d5
Compare
8305036
to
6294aa6
Compare
…est to use sid query parameter (ory/hydra/pull/2876)
…est to use sid query parameter (ory/hydra/pull/2876)
…est to use sid query parameter (ory/hydra/pull/2876)
This pull request introduces admin endpoint to delete login session by session id.
Use case:
4.1 Login provider performs
DELETE /oauth2/auth/sessions/consent?subject=user1&login_session_id=session1&trigger_backchannel_logout=true
(related feature feat: revoke consent by session id. trigger back channel logout. #2844)4.2 Login provider performs
DELETE /oauth2/auth/sessions/login/session1
(current feature)4.3 Login provider request
GET /oauth2/auth/requests/login?login_challenge=a435b9e14cc04ee9a4b374b71e17397f
and uses request_url to redirect user to initiate new login request (Just to clarify where redirect url comes from. Actual request is made in step 3)Proposed feature allows to initiate new login with fewer redirects by skipping the usual logout flow.
Related issue(s)
#2844
Checklist
introduces a new feature.
contributing code guidelines.
vulnerability. If this pull request addresses a security. vulnerability, I
confirm that I got green light (please contact
security@ory.sh) from the maintainers to push
the changes.
works.