feat(auth): Add OAuth logout #355
If I log in to my CRC The error messages appearing due to the failed requests (stemming from permissions denied) are expected. But, I don't have a user menu here and no obvious way to log out from this under-permissioned account.
This is excellent, thank you and very well done.
Related https://github.com/cryostatio/cryostat/issues/717
In order to log out of the OAuth server, the frontend needs to make a POST request to the OAuth server's `/logout` endpoint, which removes the session cookie stored in the OAuth server. The backend will delete the access token and return the `/logout` URL. Note that deleting the access token without removing the session cookie will cause the OAuth server to immediately log in a user after logging out.
OpenShift OAuth logout docs
OpenShift OAuth endpoint for deleting access tokens
OpenShift console UI code explaining logout behaviour
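The re-login behaviour noted in the description above, as an added example that is not part of this pull request or of Cryostat's code: a constructed in-memory model of the OAuth server's session and token state, comparing token deletion alone with token deletion followed by the POST to `/logout`. The class, function names and password are assumptions made for illustration.

```javascript
// Constructed in-memory model of the OAuth server's state; not OpenShift code.
class ModelOAuthServer {
  constructor() {
    this.sessions = new Set(); // session cookies the server still honours
    this.tokens = new Set();   // live access tokens
    this.counter = 0;
  }
  // Interactive login: the server sets a session cookie in the browser.
  login(browser, password) {
    if (password !== "correct-password") throw new Error("bad credentials");
    browser.sessionCookie = `session-${++this.counter}`;
    this.sessions.add(browser.sessionCookie);
  }
  // Authorization request: a valid session cookie yields a token with no prompt.
  authorize(browser) {
    if (!this.sessions.has(browser.sessionCookie)) return null; // login page shown
    const token = `token-${++this.counter}`;
    this.tokens.add(token);
    return token;
  }
  deleteToken(token) { this.tokens.delete(token); }
  // POST /logout: invalidates the session and clears the cookie.
  logout(browser) {
    this.sessions.delete(browser.sessionCookie);
    browser.sessionCookie = null;
  }
}

// Backend step from the description: delete the token, return the logout URL.
function backendLogout(server, token) {
  server.deleteToken(token);
  return "/logout";
}

// Runs login, then logout, then a fresh authorization request.
// newToken === null means the user has to authenticate again.
function stateAfterLogout(postToLogoutUrl) {
  const server = new ModelOAuthServer();
  const browser = { sessionCookie: null };
  server.login(browser, "correct-password");
  const token = server.authorize(browser);
  const logoutUrl = backendLogout(server, token);
  if (postToLogoutUrl && logoutUrl === "/logout") server.logout(browser);
  return { oldTokenLive: server.tokens.has(token), newToken: server.authorize(browser) };
}

console.log("token deleted only:  ", stateAfterLogout(false));
console.log("token deleted + POST:", stateAfterLogout(true));
```

In the first case the old token is gone but the surviving session cookie immediately yields a new one; only the second case leaves the browser without a usable session.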