[Geoserver-devel] [JIRA] (GEOS-10718) [OIDC] the OIDC plugin does not currently take into account the id_token_hint parameter

Alessio Fabiani created an issue

GeoServer / ImprovementGEOS-10718

[OIDC] the OIDC plugin does not currently take into account the id_token_hint parameter

Issue Type:

ImprovementImprovement

Assignee:

Unassigned

Components:

OAuth2

Created:

21/Oct/22 6:38 PM

Priority:

MediumMedium

Reporter:

Alessio Fabiani

From the outcomes it looks like the OIDC plugin does not currently take into account the id_token_hint parameter.

[1]

> RP-Initiated Logout
> An RP requests that the OP log out the End-User by redirecting the End-User’s User Agent to the OP’s Logout Endpoint. This URL is normally obtained via the end_session_endpoint element of the OP’s Discovery response or may be learned via other mechanisms.
>
> This specification defines the following parameters that are used in the logout request at the Logout Endpoint:
>
> id_token_hint
> RECOMMENDED. ID Token previously issued by the OP to the RP passed to the Logout Endpoint as a hint about the End-User’s current authenticated session with the Client. This is used as an indication of the identity of the End-User that the RP is requesting be logged out by the OP.

References:

Add Comment

Add Comment

Get Jira notifications on your phone! Download the Jira Cloud app for Android or iOS


This message was sent by Atlassian Jira (v1001.0.0-SNAPSHOT#100209-sha1:392b984)

Atlassian logo