Logout/sign_out/end_session flow

omniauth / omniauth_openid_connect

MIT License

170 stars 187 forks source link

Logout/sign_out/end_session flow #78

Closed btrd closed 3 years ago

btrd commented 3 years ago

I'm using this gem with the Devise integration and I have trouble understanding how to use the end_session_endpoint and post_logout_redirect_uri parameters.

By default Devise only clean the session and doesn't use the two parameters, therefore I'm not calling the provider sign_out endpoint.

If it helps the PR I'm currently working on https://github.com/betagouv/civilsdeladefense/pull/782

stale[bot] commented 3 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

yannvery commented 3 years ago

@btrd You can override the devise helper method after_sign_out_path_for to redirect the user to the logout route of the middleware (/auth/:provider/logout) with the post_logout_redirect_uri parameter.

https://github.com/heartcombo/devise/blob/5d5636f03ac19e8188d99c044d4b5e90124313af/lib/devise/controllers/helpers.rb#L219-L230

btrd commented 3 years ago

Awesome thanks !

stale[bot] commented 3 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.