search

mesosphere / traefik-forward-auth

214 stars 46 forks source link

Logout endpoint missing / not working #57

Open laitco opened 2 years ago

laitco commented 2 years ago

/_oauth/logout is not working when i point a /_oauth PathPraefix to the forward-auth-container. How can i delete the session cookies ?

mhrabovcin commented 2 years ago

Could you please share the configuration (without any possible credentials) that you're running?

laitco commented 2 years ago

Sure. Here my config of the container.

traefik-auth:
    container_name: traefik-auth
    image: mesosphere/traefik-forward-auth
    environment:
      - CLIENT_ID=XXXXXXXXXXXXXXX
      - CLIENT_SECRET=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
      - PROVIDER_URI=https://login.domain.de/auth/realms/master
      - SECRET=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
      - LOG_LEVEL=debug
      - URL_PATH=/_oauth
      - LIFETIME=43200
      - INSECURE_COOKIE=false
      - COOKIE_DOMAIN=domain.de
      - COOKIE_NAME=_auth_domain
      - CSRF_COOKIE_NAME=_auth_domain_csrf
      - CLAIMS_SESSION_NAME=_auth_domain_claims
      - USER_COOKIE_NAME=_auth_domain_name
    networks:
      - proxy
    labels:
      - "traefik.http.middlewares.traefik-forward-auth.forwardauth.address=http://traefik-auth:4181"
      - "traefik.http.middlewares.traefik-forward-auth.forwardauth.authResponseHeaders=X-Forwarded-User, X-Forwarded-Proto, X-Forwarded-Uri, X-Forwarded-For, X-Forwarded-Method, X-Secret"
      - "traefik.http.services.traefik-forward-auth.loadbalancer.server.port=4181"
      - "traefik.enable=true"
    restart: always
networks:
  proxy:
    external: true
laitco commented 2 years ago

And here my router config.

http:
  routers:
    login_oauth:
      entryPoints:
        - "https"
      rule: "Host(`login.domain.de`) && PathPrefix(`/_oauth`)"
      middlewares:
        - default-headers
        - https-redirect
        - rate-limit
      tls:
        options: tls-options
      service: login_oauth

  services:
    login_oauth:
      loadBalancer:
        servers:
          - url: "http://traefik-auth:4181"
        passHostHeader: true
laitco commented 2 years ago

Something new ?

laitco commented 2 years ago

Please implement like: https://github.com/thomseddon/traefik-forward-auth/pull/107

laitco commented 2 years ago

Something new ?

dhofstetter commented 2 years ago

For me the same Issue appears, I'm not able to logout using the Endpoint. Is it included here?

codebude commented 1 year ago

Any chance that this gets implemented?

lvijnck commented 1 year ago

+1