lua-resty-openidc icon indicating copy to clipboard operation
lua-resty-openidc copied to clipboard
verified publisher icon zmartzone

Logout with client id parameter

Open patryk-sob opened this issue 1 year ago • 2 comments

Logout with client_id parameter is allowed due to openid specification. When id_token_hint is not specified, client_id can be used instead. This change is a solution for situation when session_token is expired and in the logout operation we get the error message "Missing Parameters: id_token_hint error on Session timeout.".

patryk-sob avatar Jun 10 '24 12:06 patryk-sob

OpenID specification: https://openid.net/specs/openid-connect-rpinitiated-1_0.html

patryk-sob avatar Jun 10 '24 12:06 patryk-sob

could you please add a new configuration param like redirect_after_logout_with_id_token_hint for this and document it? Bonus points for extending https://github.com/zmartzone/lua-resty-openidc/blob/master/tests/spec/logout_spec.lua ;-)

bodewig avatar Aug 25 '24 09:08 bodewig