fix(oauth): add post_logout_redirect_uri to OAuth logout redirect URI (#638)

marvinruder · web-flow · commit bfbe8de98a6a · 2024-10-15T20:49:43.000+02:00
* Add `post_logout_redirect_uri` to OAuth logout redirect URI

Signed-off-by: Marvin A. Ruder &lt;signed@mruder.dev&gt;

* Update OAuth2 configuration documentation

Signed-off-by: Marvin A. Ruder &lt;signed@mruder.dev&gt;

---------

Signed-off-by: Marvin A. Ruder &lt;signed@mruder.dev&gt;
diff --git a/backend/src/auth/auth.service.ts b/backend/src/auth/auth.service.ts
@@ -274,6 +274,7 @@ export class AuthService {
             URL.canParse(configuration.end_session_endpoint)
           ) {
             const redirectURI = new URL(configuration.end_session_endpoint);
+            redirectURI.searchParams.append("post_logout_redirect_uri", this.config.get("general.appUrl"));
             redirectURI.searchParams.append("id_token_hint", idTokenHint);
             redirectURI.searchParams.append(
               "client_id",
diff --git a/docs/docs/setup/oauth2login.md b/docs/docs/setup/oauth2login.md
@@ -42,7 +42,9 @@ Redirect URL: `https://<your-domain>/api/oauth/callback/discord`
 
 Generic OpenID Connect provider is also supported, we have tested it on Keycloak, Authentik and Casdoor.
 
-Redirect URL: `https://<your-domain>/api/oauth/callback/oidc`
+Redirect URI: `https://<your-domain>/api/oauth/callback/oidc`
+
+Post Logout Redirect URI: `https://<your-domain>`
 
 ## Custom your OAuth 2 Provider
 
