providers/proxy: correctly set id_token_hint if possible
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
107f2745c8
commit
b3da1d223c
|
@ -222,17 +222,24 @@ func (a *Application) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (a *Application) handleSignOut(rw http.ResponseWriter, r *http.Request) {
|
func (a *Application) handleSignOut(rw http.ResponseWriter, r *http.Request) {
|
||||||
//TODO: Token revocation
|
redirect := a.endpoint.EndSessionEndpoint
|
||||||
s, err := a.sessions.Get(r, constants.SessionName)
|
s, err := a.sessions.Get(r, constants.SessionName)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
http.Redirect(rw, r, a.endpoint.EndSessionEndpoint, http.StatusFound)
|
http.Redirect(rw, r, redirect, http.StatusFound)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
if c, exists := s.Values[constants.SessionClaims]; c == nil || !exists {
|
||||||
|
cc := c.(Claims)
|
||||||
|
uv := url.Values{
|
||||||
|
"id_token_hint": []string{cc.RawToken},
|
||||||
|
}
|
||||||
|
redirect += "?" + uv.Encode()
|
||||||
|
}
|
||||||
s.Options.MaxAge = -1
|
s.Options.MaxAge = -1
|
||||||
err = s.Save(r, rw)
|
err = s.Save(r, rw)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
http.Redirect(rw, r, a.endpoint.EndSessionEndpoint, http.StatusFound)
|
http.Redirect(rw, r, redirect, http.StatusFound)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
http.Redirect(rw, r, a.endpoint.EndSessionEndpoint, http.StatusFound)
|
http.Redirect(rw, r, redirect, http.StatusFound)
|
||||||
}
|
}
|
||||||
|
|
Reference in New Issue