Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Url Redirect on logout #775

Closed
tiphaineruy opened this issue May 5, 2022 · 8 comments
Closed

Url Redirect on logout #775

tiphaineruy opened this issue May 5, 2022 · 8 comments

Comments

@tiphaineruy
Copy link

tiphaineruy commented May 5, 2022
edited
Loading

Issue and Steps to Reproduce

With the newest release of Keycloak18 I realised that the "redirect_uri" in #713 isn't part of the OpenID implementation
The new implementation for keycloak seems to be based on the oidc ref:
https://openid.net/specs/openid-connect-rpinitiated-1_0.html
( see: https://www.keycloak.org/2022/04/keycloak-1800-released at post_logout_redirect_uri )

using the following url params added to the logout endpoint
post_logout_redirect_uri
id_token_hint

However id_token_hint requires to know the token which isn't a solution when using the webworker actually. I'm not quite sure how to implement that currently appart from manually adding the id_token_hint in the webworker with a regexp to detect logout url ?

Using:

Versions

Screenshots

Expected

I would like to be able to insert the url params to the logout request
post_logout_redirect_uri
id_token_hint

Actual

Additional Details

And anyways, Currently the fix #767 errors because encodeURI() should be encodeURIComponent(), And redirect_uri seems to be specific to keycloak, when post_logout_redirect_uri is the openidconnect implementation.

  • Installed packages:
@guillaume-chervet
Copy link
Contributor

Thank you very @tiphaineruy, i think i understood what to do https://openid.net/specs/openid-connect-rpinitiated-1_0.html

Fortunately id token is not hidden by th service worker (only access token ans refresh token for the moment).
I will give a try 😀

@guillaume-chervet
Copy link
Contributor

It seems to work b5a314f :)

@tiphaineruy
Copy link
Author

tiphaineruy commented May 5, 2022
edited
Loading

That's awsome Thanks !

-> Just tested from the master branch, works as a charm.

@tedoham
Copy link

tedoham commented May 6, 2022

That's awsome Thanks !

-> Just tested from the master branch, works as a charm.

I am still having issues with logout using the Identity server.

@Leopoldo-Rangel
Copy link

Hi, just tested this and works great, thank you. Only detail is that currently post logout url is not allowed to be empty:
logout("") , in case return Url was root of the site.

Thanks again.

@guillaume-chervet
Copy link
Contributor

What behavior would you expect?
may be null does not set the callback url at all. what do yout think?

@Leopoldo-Rangel
Copy link

Would it be possible that logout("") sets the callback url to window.location.origin? Currently this line on /packages/react/src/oidc/vanilla/oidc.ts:

const path = callbackPath || location.pathname + (location.search || '') + (location.hash || '');

will set path to location.pathname when callbackPath = ""

Thanks!

@guillaume-chervet guillaume-chervet mentioned this issue May 10, 2022
Merged
@guillaume-chervet
Copy link
Contributor

Thank you all for the issue ans your help. I think it is done. I close the issue. Feel free to reopen it if needed.

This was referenced May 13, 2022
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@tiphaineruy @tedoham @guillaume-chervet @Leopoldo-Rangel