search

oidc-wp / openid-connect-generic

WordPress plugin to provide an OpenID Connect Generic client
https://wordpress.org/plugins/daggerhart-openid-connect-generic/
261 stars 155 forks source link

WordPress Logout Error with Passage.id #537

Closed gojo-limitless closed 6 months ago

gojo-limitless commented 6 months ago

I was able to successfully implement Passage.id with your plugin on my website.

I had to remove the userinfo endpoint URL to get it working, as I encountered this issue initially: https://github.com/oidc-wp/openid-connect-generic/issues/152

That fixed and made the login page work. However, whenever I try to logout, by clicking on https://website.com/wp-login.php?action=logout&_wpnonce=value

I get the following error, and the session does not logout: https://prnt.sc/-2-M8YCYRvrm..

And, my endpoint URI is as instructed in Passage's documentation: https://docs.passage.id/helpful-guides/ecommerce-guides/wordpress-and-woocommerce#configure-the-oidc-client-to-use-passage, which looks like: https://name.withpassage.com/logout

Any assistance is appreciated, thanks in advance!

Solution:

If you are facing the same issue as me, Check the URL when you are redirected to when you logout

https://customdomain.com/logout?id_token_hint=eyJhbGciOiJSUzI1NiIsImtpZCI6IjNFTE1rRW0xRjM0SEJUQk1GMGRBQ1VQQiJ9.eyJpc3MiOiJodHRwczovL2F1dGguaW5mb3NlY3BhcGVyLmNvbS8iLCJzdWIiOiJJY01LNzRwb2xqTUQ1MGY5RGtXRDZ1MnoiLCJhdWQiOlsiMGJVV25kVDVOTXMxejk0eGxDa0wzblU4Il0sImV4cCI6MTcxNTY1OTIwOSwiaWF0IjoxNzE1NjU4NjA5LCJhdXRoX3RpbWUiOjE3MTU2NTg2MDgsImF6cCI6IjBiVVduZFQ1Tk1zMXo5NHhsQ2tMM25VOCIsImNsaWVudF9pZCI6IjBiVVduZFQ1Tk1zMXo5NHhsQ2tMM25VOCIsImF0X2hhc2giOiJLSzM5Q2l5Umx5OTZ1a2FSZ3dFMHJnIiwiY19oYXNoIjoiVGJaZjlRVjVrSFpmM3l4ZXRBY1B2QSIsImVtYWlsIjoiYW5rdXNoZGFzOUBnbWFpbC5jb20iLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwicGhvbmVfbnVtYmVyX3ZlcmlmaWVkIjpmYWxzZX0.wWSxtOY5IZBqw-MbTANooL0eAD5m3iOFxAxO0q9r_SRUn0erCLqPyJBuLtYA0nPtpSqSELwl2gDVAgd2nA-ITOGG--rG5RHNTXBamyJSbrRp6Bo4xvnit6595VehyJyfa0bzaKQgqOH52flDI3LmWHVlOZKuNnrChzLoZ4AMKpJsNXbCHCP0iqwJfOydr9O8Hd_o4pp3qCaIG3FMwrq927QXzRNuf2NS8ZyUeb-itfHD2tub3bdEezYttGnZZk61FsxST52aHWStMjlFHmUmsSXRc97Sg-pFetbRtGnALbys5k3OlFEn2pbeMZSK31KlSRpx_XEXzj04-9wq1cdAPQ&post_logout_redirect_uri=https%3A%2F%2Fcustomdomain.com

From this, make sure the "Allowed Logout URLs" in the Passage.id console matches (down to any extra slash/absence of it) exactly as post_logout_redirect_uri value

timnolte commented 6 months ago

I think your "Allowed logout URL" is configured wrong in Passage.

gojo-limitless commented 6 months ago

I think your "Allowed logout URL" is configured wrong in Passage.

I tried setting the allowed logout URL to

https://name.com/wp-login.php?action=logout

I'm not sure what else should I add?

They don't have any detailed documentation regarding what to add there. Just the one I linked.

I've also mailed them, but I haven't gotten any response. I've tried their Discord channel next. If I find a solution, I'll update that here soon.

gojo-limitless commented 6 months ago

Thanks to Passage's Discord support, a community member just pointed out a potential mismatch in the "Allowed logout URL", where I had an extra trailing /, I removed it, and that worked.

So, @timnolte you were correct, I just realized the trailing slash when someone pointed it out. Now, logout works!