batpurev
commented
3 years ago in case if anyone like me having similar case there following might help.
at logout.php
include_once('/vendor/autoload.php');
$provider = new Stevenmaguire\OAuth2\Client\Provider\Keycloak([
'authServerUrl' => 'https://www:8443/auth',
'realm' => 'realm',
'clientId' => 'id',
'clientSecret' => 'secret',
'redirectUri' => 'https://ursite/',
'encryptionAlgorithm' => 'RS256', // optional
// 'encryptionKeyPath' => '../key.pem', // optional
'encryptionKey' => 'contents_of_key_or_certificate' // optional
]);
$logoutSSO = $provider->getLogoutUrl();
session_unset();
session_destroy();
header('Location: '.$logoutSSO);
Hi @stevenmaguire , Thanks for your wonderful project. I am newbie to oauth & keycloak. I was playing around & testing it within my php site for signing in with Keycloak users which works. However I have several other sites connected to same Keycloak with same configuration settings and requests coming from other sites are always asks users to login to Keycloak and then redirected back but my php site with oauth2-keycloak asks just one time and later login requests are being automatically granted by Keycloak without asking from the userd. Keycloak asks to login only after logout and then browser was closed. I want Keycloak to ask users to login if they had been logged out at the php site. Can you guys tell me how to go about it?