plugin-oauth2
plugin-oauth2 copied to clipboard
Support OIDC end_session_endpoint
Actual behaviour
When clicking "logout" in Kanboard, the user is logged out from Kanboard but still logged into the SSO provider. In my case; Keycloak. This may give an end-user the false impression of being logged out of all systems even though this is not the case.
Expected behaviour
The plugin makes sure the OIDC Logout URL is contacted when a user clicks the "logout" button in Kanboard. This could be an optional setting.
Someone recently implemented this same behaviour in the Matomo LoginOIDC plugin
Configuration
- Plugin version: 8b77d84
- Kanboard version: v1.2.16
- Database type and version:
- PHP version: 7.3.19-1~deb10u1
- OS: 11.9 (Debian 11.9-0+deb10u1)
- Browser: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:82.0) Gecko/20100101 Firefox/82.0