Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

State param during logout #739

Closed
Ayiadim opened this issue Mar 9, 2020 · 4 comments · Fixed by #744
Closed

State param during logout #739

Ayiadim opened this issue Mar 9, 2020 · 4 comments · Fixed by #744
Labels
feature-request Improvements and additions to the library. pr-welcome We'd welcome a PR to solve the issue.

Comments

@Ayiadim
Copy link

Ayiadim commented Mar 9, 2020
edited
Loading

Hello, first off I'd like to say how much I appreciate this module and the author(s) for all the effort that has been put into it.

I'd like to request a feature, I could potentially create a PR for it if necessary.

Is your feature request related to a problem? Please describe.
I want to forcibly log out an existing user in order to log them in with an external provider. I want to do this in order to ensure that the user in my application is the same user logged in via the external provider. However, upon logging out the user all context is lost during the round-trip.

Describe the solution you'd like
During logOut, I'd like to be able to pass a state parameter along with the postLogoutRedirectUri and id_token_hint so that after logout I can round-trip state across the redirect.

Additional context
http://docs.identityserver.io/en/3.1.0/endpoints/endsession.html
@jeroenheijmans
Copy link
Collaborator

Makes sense to me. 👍

If it's part of the specs then direct support for a state argument might be the way to go. If it's not, but it's supported by major IDSes like IdentityServer, then it might make more sense to implement it a la the customQueryParams?

@jeroenheijmans jeroenheijmans added the feature-request Improvements and additions to the library. label Mar 9, 2020
@vdveer
Copy link
Contributor

vdveer commented Mar 9, 2020
edited
Loading

For everyone's convenience : https://openid.net/specs/openid-connect-session-1_0.html#RPLogout (yes, it is part of the (oidc session management) spec)

@jeroenheijmans
Copy link
Collaborator

jeroenheijmans commented Mar 9, 2020
edited
Loading

Thx @vdveer then it for sure makes sense to add this feature to the library!

I'll tag this with pr-welcome but do note that the release/merge cadence of the project is not super-fast, and up to the maintainer.

@jeroenheijmans jeroenheijmans added the pr-welcome We'd welcome a PR to solve the issue. label Mar 9, 2020
pmccloghrylaing added a commit to pmccloghrylaing/angular-oauth2-oidc that referenced this issue Mar 11, 2020
@pmccloghrylaing
manfredsteyer#739: Add optional state parameter for logout
37129f4
@pmccloghrylaing pmccloghrylaing mentioned this issue Mar 11, 2020
Merged
@Ayiadim
Copy link
Author

Ayiadim commented Mar 11, 2020

PR has been submitted by one of my colleagues: @pmccloghrylaing

pmccloghrylaing added a commit to faktored/angular-oauth2-oidc that referenced this issue Mar 12, 2020
@pmccloghrylaing
manfredsteyer#739: Add optional state parameter for logout
b9333eb
This was referenced Jul 28, 2023
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature-request Improvements and additions to the library. pr-welcome We'd welcome a PR to solve the issue.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add optional state parameter for logout faktored/angular-oauth2-oidc
3 participants
@vdveer @jeroenheijmans @Ayiadim