udplabs / zartan

Zartan is a master of make-up and disguise and so is this demo.
GNU General Public License v3.0

[FEATURE] Use the oidc `v1/logout` endpoint to logout users #351

Open zeekhoo opened 4 years ago

zeekhoo commented 4 years ago

The fromURI parameter will soon be deprecated, so it is better to use the logout endpoint.

Here's how I've implemented this locally:

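```python
from urllib.parse import urlencode

from flask import make_response, redirect, request

# logger and TokenUtil are defined elsewhere in the application.


def gbac_logout():
    logger.debug("gbac_logout()")
    id_token = TokenUtil.get_id_token(request.cookies)
    iss = TokenUtil.get_claims_from_token(id_token)["iss"]

    # URL-encode the query values so the token and redirect URI survive intact.
    query = urlencode({
        "id_token_hint": id_token,
        "post_logout_redirect_uri": "http://localhost:8666",
    })
    redirect_url = "{iss}/v1/logout?{query}".format(iss=iss, query=query)

    # Blank the local token cookie, then send the browser to the logout endpoint.
    response = make_response(redirect(redirect_url))
    response.set_cookie(TokenUtil.OKTA_TOKEN_COOKIE_KEY, "")
    return response
```
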
dzadikdev commented 4 years ago

@zeekhoo Can you do a PR on this or want me to?
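
Added example, not part of the thread or of the zartan code base: since the snippet in the issue takes the redirect target from the token's `iss` claim, this standalone helper pins both the issuer and the return URI to configured values before building the same `{iss}/v1/logout` URL. `ALLOWED_ISSUERS`, `ALLOWED_POST_LOGOUT_URIS`, the function names and the sample token are assumptions made for illustration; `state` is the optional parameter from OIDC RP-initiated logout.

```python
import base64
import json
from urllib.parse import urlencode

# Hypothetical configuration (not from the zartan code base): the only
# issuers and return URIs this app will ever redirect a browser to.
ALLOWED_ISSUERS = {"https://example.okta.com/oauth2/default"}  # constructed
ALLOWED_POST_LOGOUT_URIS = {"http://localhost:8666"}


def unverified_claims(id_token):
    """Decode the JWT payload without checking the signature.

    The result is only used to look up the issuer, which is then
    compared against ALLOWED_ISSUERS, never trusted on its own.
    """
    try:
        payload = id_token.split(".")[1]
        payload += "=" * (-len(payload) % 4)  # restore stripped padding
        claims = json.loads(base64.urlsafe_b64decode(payload))
    except (IndexError, ValueError) as exc:
        raise ValueError("malformed id_token") from exc
    if not isinstance(claims, dict):
        raise ValueError("malformed id_token")
    return claims


def build_logout_url(id_token, post_logout_redirect_uri, state=None):
    """Return the /v1/logout URL, or raise ValueError if a target is not allowed."""
    iss = unverified_claims(id_token).get("iss")
    if not isinstance(iss, str) or iss not in ALLOWED_ISSUERS:
        raise ValueError("issuer is not on the allowlist")
    if post_logout_redirect_uri not in ALLOWED_POST_LOGOUT_URIS:
        raise ValueError("post_logout_redirect_uri is not on the allowlist")
    params = {"id_token_hint": id_token,
              "post_logout_redirect_uri": post_logout_redirect_uri}
    if state is not None:
        params["state"] = state  # echoed back on the post-logout redirect
    return iss.rstrip("/") + "/v1/logout?" + urlencode(params)


def make_sample_token(iss):
    """Build a constructed, unsigned token carrying only an iss claim."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none"}), enc({"iss": iss}), "constructed"])
```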