Comments (5)
I suppose you need to hand something to the Identity Provider (token?) to reference the user that should be logged out? Do you know any documentation about how that should be done? If we need to pass something. we might not be able to include that as it would be provider-specific
Regarding the redirect afterwards I had a quick look at the code and https://github.com/H2CK/oidc/blob/master/lib/Controller/LogoutController.php#L266-L273 has a post_redirect_uri that can be passed. But again, this is specific to the provider and therefore can't make it into ephios core.
from ephios.
The functionality that you describe is not currently part of the OIDC specification. There are specific implementations for some Identity Providers, e.g. mozilla/mozilla-django-oidc#320 explains how to set this up with keycloak for our OIDC library. There is an additional spec (https://openid.net/specs/openid-connect-session-1_0.html) that is either in draft status or not yet implemented by Identity Providers, I wasn't quite sure which one is appropriate.
So the feature you requested would most probably need some specific code for nextcloud similar to the issue linked above unless you can just redirect the user to a URL on the nextcloud (GET request). But that would mean that the users always end up on the nextcloud login page after logging out from ephios
from ephios.
We did something similar between Nextcloud and Moodle. Here the endpoint index.php/apps/oidc/logout mentioned in the documentation of the Nextcloud OIDC Provider App can be specified in the Moodle OIDC plugin. As a result, the user is forwarded to Nextcloud and logged out when the logout button is clicked. Unfortunately, there is no redirection back to Moodle, but the successful logout does not create a security gap. So that would be preferable.
from ephios.
About the settings: The identity provider needs a front-channel logout URL from the client and the client needs an IdP logout endpoint. I think a redirect is nice to have, but not absolutely necessary.
Here is the documentation of the Nextcloud app for the logout:
https://github.com/H2CK/oidc#endpoints
I think this might be helpful (this is what the Nextcloud app documentation refers to):
https://openid.net/specs/openid-connect-rpinitiated-1_0.html
The moodle plugin is part of the Microsoft Office 365 implementation in moodle - unfortunately without detailed documentation on the logout.
from ephios.
Regarding the redirect afterwards I had a quick look at the code and https://github.com/H2CK/oidc/blob/master/lib/Controller/LogoutController.php#L266-L273 has a post_redirect_uri that can be passed. But again, this is specific to the provider and therefore can't make it into ephios core.
@pov91 maybe you can experiment a bit while setting the logout URL, if I understood that section correctly you should be able to append a post_redirect_uri to the LOGOUT_URL that you set within ephios so it gets passed to nextcloud which in turn should redirect you back to ephios
from ephios.
Related Issues (20)
- Guest registration doesn't work HOT 7
- Remove django_dynamic_preferences
- Filter working hours by type
- Remove push subscription if delivery fails
- NotificationType missing
- Unsupported characters lead to errors HOT 5
- Internal participation comment for planners
- Event Title is not Clickable HOT 1
- Share event
- sortable.js for positions and subblocks in the complex editor
- Shift State Rendering Followups
- Filter events by "help wanted"
- Mobile view for calendar day
- Make Participation API Consistent and Use Fewer Calls HOT 4
- API: `/api/users/by_email` returns 404 error for email addresses with dots before the @ HOT 1
- Participation API Permissions Might be Wrong
- Copying events with overnight shifts creates broken copies HOT 1
- Also show responsible groups in the "visible for" list HOT 1
- Allow creating groups without members
- Allow changing password of local users if local login is disabled
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ephios.