webapp/bookstack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2025-07-30 04:23:11 +03:00
Code Activity

OIDC RP Logout: Fixed issues during testing

Browse Source 
- Disabled by default due to strict rejection by auth systems.
- Fixed issue when autoloading logout URL, but not provided in
  autodiscovery response.
- Added proper handling for if the logout URL contains a query string
  already.
- Added extra tests to cover.
- Forced config endpoint to be used, if set as a string, instead of
  autodiscovery endpoint.
This commit is contained in:
Dan Brown
2023-12-07 17:45:17 +00:00
parent a72e0fee70
commit 81d256aebd
3 changed files with 60 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
app/Config/oidc.php
View File

@ -37,9 +37,10 @@ return [
'token_endpoint' => env('OIDC_TOKEN_ENDPOINT', null),
// OIDC RP-Initiated Logout endpoint URL.
// A null value gets the URL from discovery, if active.
// A false value force-disables RP-Initiated Logout.
'end_session_endpoint' => env('OIDC_END_SESSION_ENDPOINT', null),
// A true value gets the URL from discovery, if active.
// A string value is used as the URL.
'end_session_endpoint' => env('OIDC_END_SESSION_ENDPOINT', false),
// Add extra scopes, upon those required, to the OIDC authentication request
// Multiple values can be provided comma seperated.