WIP: Controller logic for RP-initiated logout#219
Conversation
… end session flow.
…ternalUserAgentRequestURL`.
… session request.
Codecov Report
@@ Coverage Diff @@
## master #219 +/- ##
=========================================
+ Coverage 74.05% 74.36% +0.3%
=========================================
Files 58 40 -18
Lines 5076 3752 -1324
Branches 0 73 +73
=========================================
- Hits 3759 2790 -969
+ Misses 1317 960 -357
- Partials 0 2 +2
Continue to review full report at Codecov.
|
|
Thanks for the contribution. Can you sign the CLA, or link to your signed CLA on that page if you have already? |
|
Is there an ETA when this the travis build error will be fixed and this feature merged with master? Hoping to use this soon. @WilliamDenniss @dgommers |
|
@WilliamDenniss Should be done now. |
|
Oh cool! I wasn't sure if you were going to, so I made an implementation in #259 yesterday. Looks like I took a slightly different approach, bundling the action logic into OIDAuthorizationSession, whereas you created a separate object OIDEndSessionFlowSession. I was on the fence about that. |
|
Alright, do you still need anything from me or shall we close it? |
|
It's a pity that we overlapped on this one. However, looking at your changes there's still a few that are not in the logout development branch. Can you checkout the I noticed you change the nullability of the default iOS controller, perhaps that change could be a separate PR (on the main branch as it seems unrelated). Also, have you tried out logout against a real server? I have not, so I'm just working off the spec right now, so would really appreciate someone testing the |
|
Would you like to cherrypick the lines into the files that you've created or just get my files into the Yes! I've tested it and it works good with a real Keycloak server. Actually our product is already using it since March without issues :). |
|
If you can cherry-pick those lines (i.e. changes to The nullability change could be a separate PR. |
|
Closing in favor of #259 |
WIP – Relates to issue #132.
Continuing the work that has been done by @luksfarris and @WilliamDenniss on the RP-initiated logout. I've merged
masterinto thedev-logoutbranch that already contained theEndSessionrequest/response pair and added some controller glue.This PR is a small step towards completing the RP-initated logout implementation: I would like to discuss my current progress with other contributors.
As of now, I've added the
OIDAuthState.presentEndSessionRequest:externalUserAgent:callback:method. This creates a newOIDEndSessionFlowSessionand presents it on theOIDExternalUserAgent.Main things I would like to debate:
OIDEndSessionFlowSession? It is quite odd right now.OIDAuthStateis the desired location for this? We could make it standalone or integrate it with theOIDAuthorizationServiceclass.OIDAuthStateonce the logout was successful? As of now it calls theresetStatethat brings it into an empty state.OIDEndSessionFlowSessionis heavily inspired by theOIDAuthorizationFlowSessionImplementationinside theOIDAuthorizationService. Do we want to get rid of this slight duplication?No unit tests so far as things are likely to change a lot. I'll sign the contributors agreement a.s.a.p.
Looking forward for your feedback.