Closed tomnocon closed 5 years ago
I'll take a PR. I assume in your use case, you don't have an active request for the user, only a server
reference and the session id? If that's the case, this should be a server-level decoration and look like server.yar.revoke(id)
.
Yes, that's exactly what I mean. I'll create a PR.
Hello, @hueniverse. Can you create a branch from the v8.1.2
tag? I've also implemented this feature for the previous version, so I'll be able to create a pull request. Thanks!
Hi @hueniverse, would it be possible to do as @tomnocon suggests? Our ticket depends on resultion of this issue and we would love to see it merged and closed. Thanks!
This thread has been automatically locked due to inactivity. Please open a new issue for related bugs or questions following the new issue template instructions.
I'm trying to implement the Back-Channel Logout from the OpenId Connect specification. There is a case when the OpenID Provider (OP) want to delete session in the Relying Party (RP) for a specific user. Is it possible to delete a specific user's session?
To accomplish the above requirement, a method is needed for deleting a specific session. I've found a workaround solution but I think that it is not a good idea.
I would be good to do it directly in the yar object.