-
-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: propagate logout to identity provider #3596
Conversation
017859b
to
bf7b3ef
Compare
2b3718d
to
8d35bcd
Compare
Codecov Report
@@ Coverage Diff @@
## master #3596 +/- ##
==========================================
+ Coverage 76.26% 76.29% +0.03%
==========================================
Files 132 132
Lines 9930 9974 +44
==========================================
+ Hits 7573 7610 +37
- Misses 1840 1845 +5
- Partials 517 519 +2 |
8d35bcd
to
802e3a3
Compare
This commit improves the integration between Hydra and Kratos when logging out the user. This adds a new configuration key for configuring a Kratos admin URL. Additionally, Kratos can send a session ID when accepting a login request. If a session ID was specified and a Kratos admin URL was configured, Hydra will disable the corresponding Kratos session through the admin API if a frontchannel or backchannel logout was triggered.
802e3a3
to
4649f4d
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice! Few things:
- naming (config, api, db)
- test for migration
- ConfirmLoginSession does not set login session id correctly+
If the user logs out of Hydra, we want to propagate this to a connected Ory Kratos instance so that the user is also logged out there.
Related issue(s)
Part of https://github.com/ory-corp/cloud/issues/5038
Checklist
introduces a new feature.
contributing code guidelines.
vulnerability. If this pull request addresses a security vulnerability, I
confirm that I got the approval (please contact
security@ory.sh) from the maintainers to push
the changes.
works.
Further Comments