Hi Chamodi,

So here,
- are we to follow a defined OIDC logout mechanism, such as front channel
or back channel?
- did we look at how other IdPs (Google, Auth0, Okta, etc.) support
OIDC logout, whether they implement defined OIDC logout mechanisms, or
they have proprietary endpoints, etc.?

Thanks,
Malithi


On Mon, Aug 5, 2019 at 5:32 PM Chamodi Samarawickrama <[email protected]>
wrote:

> The federated identity management in the Identity Server currently enables
> the user to do the authorization via a federated identity provider and get
> logged in to the client application. But when logging out of the said client
> application, currently, even though the user is getting logged out of the
> app, he would still be logged in to the federated identity provider.
> [image: OIDC-diagram1 (1).jpeg]
> Following the completion of the project, the flow will look like this.
> [image: OIDC-diagram1 (2).jpeg]
> The project is planned to be carried out in the following steps:
> 1. Have a logout functionality with a static endpoint
> 2. Configuring logout endpoint of federated IDP in management console
> 3. Invoking logout endpoint with id token hint
>
> For the moment, the first step is completed by overriding the
> initiateLogoutRequest method of AbstractApplicationAuthenticator class in
> the OpenIDConnectAuthenticator (
> https://github.com/wso2-extensions/identity-outbound-auth-oidc/blob/master/components/org.wso2.carbon.identity.application.authenticator.oidc/src/main/java/org/wso2/carbon/identity/application/authenticator/oidc/OpenIDConnectAuthenticator.java
>  ) class
> as follows:
>
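>> @Override
>> protected void initiateLogoutRequest(HttpServletRequest request,
>>         HttpServletResponse response, AuthenticationContext context)
>>         throws LogoutFailedException {
>>     try {
>>         // Step 1: redirect to a static (hardcoded) federated IdP logout endpoint.
>>         response.sendRedirect("https://wso2is:9444/oidc/logout");
>>     } catch (IOException e) {
>>         // Report the failure to the framework instead of swallowing it.
>>         throw new LogoutFailedException(
>>                 "Error while redirecting to the federated IdP logout endpoint", e);
>>     }
>> }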
>
> The second and third phases are hoped to be carried out in the coming
> weeks.
>


-- 
*Malithi Edirisinghe* | Technical Lead | WSO2 Inc.
(m) +94 718176807 | (w) +94 11 214 5345 | (e) [email protected]
_______________________________________________
Architecture mailing list
[email protected]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
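Steps 2 and 3 of the quoted plan (a configured logout endpoint invoked with an ID token hint) could look like the sketch below, which is an added example and not code from this thread or from the WSO2 authenticator. The class and method names, the sample ID token and the post-logout redirect URI are hypothetical; `id_token_hint`, `post_logout_redirect_uri` and `state` are the query parameters defined by OpenID Connect RP-Initiated Logout.

```java
import java.net.URI;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Base64;

// Hypothetical helper: builds the logout redirect from a configured endpoint.
public class FederatedLogoutUrl {

    static String build(String logoutEndpoint, String idToken,
                        String postLogoutRedirectUri, String state) {
        URI endpoint = URI.create(logoutEndpoint);
        // Refuse anything but an absolute https URL: the ID token travels in it.
        if (!"https".equalsIgnoreCase(endpoint.getScheme()) || endpoint.getHost() == null) {
            throw new IllegalArgumentException("logout endpoint must be an absolute https URL");
        }
        if (endpoint.getFragment() != null) {
            throw new IllegalArgumentException("logout endpoint must not contain a fragment");
        }
        if (idToken == null || idToken.isEmpty()) {
            throw new IllegalArgumentException("id_token_hint is required");
        }
        // Keep any query string the administrator configured on the endpoint.
        String sep = endpoint.getRawQuery() == null ? "?" : "&";
        return logoutEndpoint + sep
                + "id_token_hint=" + enc(idToken)
                + "&post_logout_redirect_uri=" + enc(postLogoutRedirectUri)
                + "&state=" + enc(state);
    }

    // Unguessable value to store in the session and compare when the IdP redirects back.
    static String newState() {
        byte[] raw = new byte[16];
        new SecureRandom().nextBytes(raw);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
    }

    private static String enc(String value) {
        return URLEncoder.encode(value, StandardCharsets.UTF_8); // Java 10+
    }

    public static void main(String[] args) {
        // Constructed sample values; the endpoint is the one hardcoded in step 1.
        String url = build("https://wso2is:9444/oidc/logout",
                "constructed.id.token",
                "https://is.example.com/commonauth",
                newState());
        System.out.println(url);
    }
}
```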
