To log out a user in node-oidc-provider without revoking grants, you can use the Front-Channel Logout (FCL) mechanism provided by the OpenID Connect specification. This allows the client application to notify the IDP that the user has been logged out, without the IDP having to revoke any grants.
To implement FCL in node-oidc-provider, you need to first enable it in your configuration by setting the `features.frontchannelLogout` property to `true`. Then, you need to add a route to your application that can receive POST requests from clients that contain a `logout_token` parameter.
When a user logs out of the client application, it should initiate a GET request to the IDP's authorize endpoint with the `prompt=logout` parameter. This will trigger the IDP to generate a logout token and redirect the user back to the client application's logout URL with the logout token as a query parameter.
The client application should then POST the logout token to the FCL route on the IDP's server, which will trigger the IDP to broadcast a logout message to all clients that have active sessions with the same user. The clients can then either log out the user immediately or wait until the user initiates a new request and then log them out.
Note that FCL is not a foolproof mechanism, as it relies on the client application to initiate the logout process and may not work in all scenarios (e.g. if the user's browser crashes). In these cases, you may need to fall back to revoking grants as a more reliable way to log out the user.
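The `logout_token` mentioned in the answer above is a JWT; OpenID Connect Back-Channel Logout 1.0 defines the claims it must carry (`iss`, `aud`, `iat`, `jti`, an `events` claim containing the `http://schemas.openid.net/event/backchannel-logout` member, at least one of `sub` or `sid`, and no `nonce`). As an added example, which is not code from the answer or from the node-oidc-provider project, here is how a client application that receives such a token could check those claims, reject replays by `jti`, and terminate the matching local sessions. It assumes the token's signature has already been verified against the OP's JWKS with a JOSE library and works on the decoded claim set only; the issuer, client id, session records and claim sets are constructed for the demonstration.

```javascript
// Added example (not from the answer or node-oidc-provider): RP-side handling of an
// OIDC Back-Channel Logout logout_token whose signature has ALREADY been verified
// against the OP's JWKS. Everything below works on the decoded claim set only.
// Issuer, client id, sessions and claim sets are constructed for illustration.
const BACKCHANNEL_LOGOUT_EVENT = 'http://schemas.openid.net/event/backchannel-logout';

// Returns a list of validation errors; an empty list means the claim set is acceptable.
function validateLogoutTokenClaims(claims, { issuer, clientId, now = Math.floor(Date.now() / 1000), maxAgeSeconds = 300 }) {
  const errors = [];
  if (claims.iss !== issuer) errors.push('iss does not match the expected OP');
  const aud = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
  if (!aud.includes(clientId)) errors.push('aud does not contain this client_id');
  if (!Number.isInteger(claims.iat)) errors.push('iat missing');
  else if (claims.iat > now + 60) errors.push('iat is in the future');
  else if (now - claims.iat > maxAgeSeconds) errors.push('token issued too long ago');
  if (claims.exp !== undefined && !(Number.isInteger(claims.exp) && claims.exp > now)) errors.push('token expired');
  if (typeof claims.jti !== 'string' || claims.jti.length === 0) errors.push('jti missing');
  const ev = claims.events && claims.events[BACKCHANNEL_LOGOUT_EVENT];
  if (ev === undefined || ev === null || typeof ev !== 'object') errors.push('events claim lacks the backchannel-logout member');
  if (typeof claims.sub !== 'string' && typeof claims.sid !== 'string') errors.push('neither sub nor sid present');
  if ('nonce' in claims) errors.push('nonce must not be present in a logout token');
  return errors;
}

// Remembers jti values until the token could no longer validate, so a captured
// token cannot be replayed to log the same user out again later.
class JtiReplayCache {
  constructor() { this.seen = new Map(); }            // jti -> unix time after which it can be forgotten
  firstUse(jti, expiresAt, now) {
    for (const [k, exp] of this.seen) if (exp <= now) this.seen.delete(k);
    if (this.seen.has(jti)) return false;
    this.seen.set(jti, expiresAt);
    return true;
  }
}

// Minimal RP session store: local session id -> { sub, sid } learned from the ID Token.
class SessionStore {
  constructor() { this.sessions = new Map(); }
  add(localId, sub, sid) { this.sessions.set(localId, { sub, sid }); }
  // sid present: terminate only the sessions tied to that OP session; otherwise every session for sub.
  terminateFor(claims) {
    const terminated = [];
    for (const [id, s] of this.sessions) {
      const match = claims.sid !== undefined
        ? s.sid === claims.sid && (claims.sub === undefined || s.sub === claims.sub)
        : s.sub === claims.sub;
      if (match) { this.sessions.delete(id); terminated.push(id); }
    }
    return terminated;
  }
}

// Logic behind the RP's back-channel logout endpoint: 200 on success, 400 plus an error object otherwise.
function handleBackchannelLogout(claims, { issuer, clientId, now, replayCache, sessions, maxAgeSeconds = 300 }) {
  const errors = validateLogoutTokenClaims(claims, { issuer, clientId, now, maxAgeSeconds });
  if (errors.length) return { status: 400, body: { error: 'invalid_request', error_description: errors.join('; ') }, terminated: [] };
  const expiresAt = Number.isInteger(claims.exp) ? claims.exp : claims.iat + maxAgeSeconds;
  if (!replayCache.firstUse(claims.jti, expiresAt, now)) return { status: 400, body: { error: 'invalid_request', error_description: 'logout token replayed' }, terminated: [] };
  return { status: 200, body: null, terminated: sessions.terminateFor(claims) };
}

// Constructed scenario: three local sessions, then a valid token, its replay, a malformed token, and a sub-only token.
function runDemo() {
  const issuer = 'https://op.example.com', clientId = 'rp-client', now = 1700000000;
  const replayCache = new JtiReplayCache(), sessions = new SessionStore();
  sessions.add('local-1', 'alice', 'sid-1');
  sessions.add('local-2', 'alice', 'sid-2');
  sessions.add('local-3', 'bob', 'sid-3');
  const ctx = { issuer, clientId, now, replayCache, sessions };
  const base = { iss: issuer, aud: clientId, iat: now - 5, events: { [BACKCHANNEL_LOGOUT_EVENT]: {} } };
  return {
    bySid: handleBackchannelLogout({ ...base, jti: 'tok-1', sub: 'alice', sid: 'sid-1' }, ctx),      // terminates local-1 only
    replayed: handleBackchannelLogout({ ...base, jti: 'tok-1', sub: 'alice', sid: 'sid-1' }, ctx),   // same jti again: rejected
    withNonce: handleBackchannelLogout({ ...base, jti: 'tok-2', sid: 'sid-2', nonce: 'n' }, ctx),    // nonce forbidden: rejected
    bySubOnly: handleBackchannelLogout({ ...base, jti: 'tok-3', sub: 'bob' }, ctx),                  // terminates every session of bob
    remaining: [...sessions.sessions.keys()],                                                        // ['local-2']
  };
}
```

The `sid` claim is what lets the OP end one browser session without touching the user's other devices, which is also why the RP has to record the `sid` from each ID Token it accepts; a token that carries only `sub` is a signal to end every session for that user. Whatever the HTTP framework, the endpoint should return the `status` and `body` produced by `handleBackchannelLogout` and nothing else, so an attacker probing it learns only that a token was accepted or rejected.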
Asked: 2022-07-24 11:00:00 +0000
Last updated: Jan 11 '22