Archives/gristlabs_grist-core
1
0
Fork 0
mirror of https://github.com/gristlabs/grist-core.git synced 2024-10-27 20:44:07 +00:00
Code Issues Projects Releases Wiki Activity

OIDC logout: use a fixed post logout redirect uri

Browse Source
This commit is contained in:
Jonathan Perret 2024-10-16 19:22:23 +02:00 committed by vviers
parent c27f832851
commit 0ab719d640
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/server/lib/OIDCConfig.ts
View File

@ -79,6 +79,7 @@ import { SendAppPageFunction } from 'app/server/lib/sendAppPage';
import { StringUnionError } from 'app/common/StringUnion'; import { StringUnionError } from 'app/common/StringUnion';
import { EnabledProtection, EnabledProtectionString, ProtectionsManager } from './oidc/Protections'; import { EnabledProtection, EnabledProtectionString, ProtectionsManager } from './oidc/Protections';
import { SessionObj } from './BrowserSession'; import { SessionObj } from './BrowserSession';
import { getOriginUrl } from './requestUtils';
const CALLBACK_URL = '/oauth2/callback'; const CALLBACK_URL = '/oauth2/callback';
@ -289,7 +290,8 @@ export class OIDCConfig {
return this._endSessionEndpoint; return this._endSessionEndpoint;
} }
return this._client.endSessionUrl({ return this._client.endSessionUrl({
post_logout_redirect_uri: redirectUrl.href, // Ignore redirectUrl because OIDC providers don't allow variable redirect URIs
post_logout_redirect_uri: new URL('/signed-out', getOriginUrl(req)).href,
id_token_hint: session?.oidc?.idToken, id_token_hint: session?.oidc?.idToken,
}); });
} }