Open manast1 opened 6 months ago
1.5.13
Docker / Docker-Compose
Traefik
No response
tandoor + Keycloak connected with django-allauth openid connect up and running.
Problem: Logout Button does not logout the session at the IdentityProvider.
Expected: The Button should POST the logout to the IdentityProvider
example function: return logout_url + '?' + urlencode({'post_logout_redirect_uri': RETURN_TO_TANDOOR_URL, 'client_id': CLIENT_ID})
return logout_url + '?' + urlencode({'post_logout_redirect_uri': RETURN_TO_TANDOOR_URL, 'client_id': CLIENT_ID})
example resulting url string: https://example.internal/realms/myrealm/protocol/openid-connect/logout?post_logout_redirect_uri=http://mytandoor&client_id=tandoor_oauth
https://example.internal/realms/myrealm/protocol/openid-connect/logout?post_logout_redirect_uri=http://mytandoor&client_id=tandoor_oauth
also "id_token_hint" and "logout_hint" should be included (optional/recommended) according to OpenID Connect Spez. (2. RP-Initiated Logout)
related: https://github.com/mozilla/mozilla-django-oidc/issues/320
smilerz
commented
6 months ago
Tandoor Version
1.5.13
Setup
Docker / Docker-Compose
Reverse Proxy
Traefik
Other
No response
Bug description
tandoor + Keycloak connected with django-allauth openid connect up and running.
Problem: Logout Button does not logout the session at the IdentityProvider.
Expected: The Button should POST the logout to the IdentityProvider
example function:
return logout_url + '?' + urlencode({'post_logout_redirect_uri': RETURN_TO_TANDOOR_URL, 'client_id': CLIENT_ID})example resulting url string:
https://example.internal/realms/myrealm/protocol/openid-connect/logout?post_logout_redirect_uri=http://mytandoor&client_id=tandoor_oauthalso "id_token_hint" and "logout_hint" should be included (optional/recommended) according to OpenID Connect Spez. (2. RP-Initiated Logout)
Relevant logs
No response