Re: [PR] fix: add redirect_after_logout_uri for ODIC that do not have an end_session_endpoint [apisix]

via GitHub Wed, 20 Dec 2023 18:56:23 -0800


monkeyDluffy6017 commented on code in PR #10653:
URL: https://github.com/apache/apisix/pull/10653#discussion_r1433397246



##########
apisix/plugins/openid-connect.lua:
##########
@@ -440,15 +440,30 @@ function _M.rewrite(plugin_conf, ctx)
         conf.timeout = conf.timeout * 1000
     end
 
+    local path = ctx.var.request_uri
+
     if not conf.redirect_uri then
-        conf.redirect_uri = ctx.var.request_uri
+        conf.redirect_uri = path
     end
 
     if not conf.ssl_verify then
         -- openidc use "no" to disable ssl verification
         conf.ssl_verify = "no"
     end
 
+    if path == (conf.logout_path or "/logout") then
+        local discovery, discovery_err =openidc.get_discovery_doc(conf)
+        if discovery_err then
+            core.log.error("OIDC access discovery url failed : ", 
discovery_err)
+            return 500

Review Comment:
   Why 500 here? 500 means `internal error`, we should not return 500 on any 
occasion



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Re: [PR] fix: add redirect_after_logout_uri for ODIC that do not have an end_session_endpoint [apisix]

Reply via email to