zartan
[FEATURE] Use the oidc `v1/logout` endpoint to logout users
The fromURI parameter will soon be deprecated, so it is better to use the logout endpoint
Here's how I've implemented this locally:
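```python
from urllib.parse import urlencode

from flask import make_response, redirect, request

# logger and TokenUtil are the project's own module-level objects.


def gbac_logout():
    logger.debug("gbac_logout()")
    id_token = TokenUtil.get_id_token(request.cookies)
    # The issuer (authorization server base URL) is read from the token itself.
    iss = TokenUtil.get_claims_from_token(id_token)["iss"]
    # URL-encode the query so the redirect URI survives as a single parameter.
    query = urlencode({
        "id_token_hint": id_token,
        "post_logout_redirect_uri": "http://localhost:8666",
    })
    redirect_url = "{iss}/v1/logout?{query}".format(iss=iss, query=query)
    response = make_response(redirect(redirect_url))
    # Blank the local token cookie so the app session ends along with the OIDC one.
    response.set_cookie(TokenUtil.OKTA_TOKEN_COOKIE_KEY, "")
    return response
```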
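
An added example, not code from this issue or from the zartan project: because the redirect target above is built from the `iss` claim of a token read from a cookie, this sketch pins `iss` to a configured allow-list before building the `v1/logout` URL. `ALLOWED_ISSUERS`, `unverified_claims`, `build_logout_url` and `_make_token` are hypothetical names, and the issuer value is a constructed placeholder.

```python
import base64
import json
from urllib.parse import urlencode

# Assumed configuration (constructed placeholder values).
ALLOWED_ISSUERS = {"https://example.okta.com/oauth2/default"}
POST_LOGOUT_REDIRECT_URI = "http://localhost:8666"


def unverified_claims(id_token):
    """Decode the JWT payload without checking the signature."""
    parts = id_token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64 padding
    return json.loads(base64.urlsafe_b64decode(payload))


def build_logout_url(id_token, allowed_issuers=ALLOWED_ISSUERS):
    """Return the v1/logout URL, or None when the issuer is not trusted."""
    try:
        iss = unverified_claims(id_token).get("iss", "")
    except (ValueError, AttributeError):
        return None  # malformed token: never redirect based on it
    if not isinstance(iss, str) or iss.rstrip("/") not in allowed_issuers:
        return None  # unknown issuer would turn logout into an open redirect
    query = urlencode({
        "id_token_hint": id_token,
        "post_logout_redirect_uri": POST_LOGOUT_REDIRECT_URI,
    })
    return "{}/v1/logout?{}".format(iss.rstrip("/"), query)


def _make_token(claims):
    """Build an unsigned, constructed sample token for demonstration only."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return "{}.{}.sig".format(enc({"alg": "RS256"}), enc(claims))


if __name__ == "__main__":
    good = _make_token({"iss": "https://example.okta.com/oauth2/default"})
    bad = _make_token({"iss": "https://untrusted.example/oauth2/default"})
    print(build_logout_url(good))
    print(build_logout_url(bad))  # None: clear the cookie locally, no redirect
```

When `build_logout_url` returns `None`, the handler should still clear the local token cookie and send the user to a fixed local page rather than to the issuer named in the token.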