auth-module icon indicating copy to clipboard operation
auth-module copied to clipboard

Published 20 hours ago verified publisher icon nuxt-community

fix: logout-redirect oauth2

Open mht-dotsource opened this issue 4 years ago • 4 comments

At the moment the redirect for logout in oauth2 is configured to use the parameter logout_uri.

According to my knowledge this value is not used by any oauth2 provider.

An industry standard, e.g. keycloak https://www.keycloak.org/docs/latest/securing_apps/#logout uses redirect_uri in the same way redirects are communicated in Authorization Request and Access Token Request are defined https://www.rfc-editor.org/info/rfc6749

This behaviour looks smart because it is compatible with the openId connect session draft. This specification accepts equal redirect_uri or post_logout_redirect_uri. See https://openid.net/specs/openid-connect-session-1_0.html

mht-dotsource avatar Feb 23 '21 16:02 mht-dotsource

can we have this merged ?

seuros avatar May 25 '21 19:05 seuros

I'd like to second this one please.

kilakewe avatar Sep 13 '21 05:09 kilakewe

Hi

Any updates on this ?

francoisauclair911 avatar Mar 25 '22 18:03 francoisauclair911

Any updates on this ?

kasodeMb avatar Aug 25 '22 23:08 kasodeMb