First of all, thank you very much for doing such a good work with this plugin 😃 . I write this issue here, because the original repository is not supported and I'm using yours.
I created a PR to add more parameters to schema so it will be possible to configure logout. Now there are several problems:
There are no possibility to revoce access_token and id_token. It's possible with revoke_tokens_on_logout setting (this setting exists in schema.lua, but not processed in utils.lua).
Don't know about other providers, but Okta requires id_token_hint to be present in logout request. It's possible with redirect_after_logout_with_id_token_hint setting.
Hi guys
First of all, thank you very much for doing such a good work with this plugin 😃 . I write this issue here, because the original repository is not supported and I'm using yours.
I created a PR to add more parameters to schema so it will be possible to configure logout. Now there are several problems:
access_token
andid_token
. It's possible withrevoke_tokens_on_logout
setting (this setting exists inschema.lua
, but not processed inutils.lua
).logout
endpoint of OIDC provider (it's implemented inlua-resty-openidc
https://github.com/zmartzone/lua-resty-openidc/blob/7d72f45117c1da472664ff9d10de573343d56d7b/lib/resty/openidc.lua#L1331). It's possible now withpost_logout_redirect_uri
setting.id_token_hint
to be present in logout request. It's possible withredirect_after_logout_with_id_token_hint
setting.It would be great if you can review changes in this PR https://github.com/revomatico/kong-oidc/pull/16