Adds ability to validate Logout token #251

Open: wants to merge 5 commits into base: v3

like-a-bause

Adds the ability to validate a Logout Token according to https://openid.net/specs/openid-connect-backchannel-1_0.html

ericchiang:mod branch is already merged.

Closes #211

archerbj commented Jan 26, 2021

Sorry to bother, may I ask when this will be merged?

flo-mic commented Feb 14, 2022

@aspeteRakete do you have some insights why this PR is not merged?

@like-a-bause (Author)

I think @ericchiang was concerned that backchannel logout is still in draft state. As can be seen in this comment: #211 (comment)

The last rev of the spec was published on August 7, 2020. But at least it is not listed as inactive.
For reference:
https://openid.net/specs/openid-connect-backchannel-1_0.html
https://openid.net/developers/specs/

flo-mic commented Feb 14, 2022

Ah, I see. Unfortunately it has been two years since the last update ☹️ and backchannel logout would be a huge security improvement from my perspective. Hope they will finalize this soon.

Anyway, thanks for the PR 👍🏼. Would like to see it implemented.

@like-a-bause (Author)

You can of course use my fork if you want to use backchannel logout. Just updated the branch to contain the latest upstream changes.

lus commented Mar 27, 2022

Is there any update on this?
As far as I am aware, this would not be a breaking change and would allow us to implement backchannel logout without having to rely on an unofficial fork.
Backchannel logout is widely supported by several IdPs, Keycloak would be a popular example.

lwj5 commented Sep 30, 2022

Is this PR moving forward? Looks like it's official https://openid.net/specs/openid-connect-backchannel-1_0.html
@ericchiang

@shkarface

Since backchannel logout is official, I think this PR should be merged.

@FAUSheppy

Any news here? Would greatly appreciate this critical feature.

ruoibmt commented Jun 24, 2024

This is still desired

@marjuscako

Hey @ericchiang, since this is official https://openid.net/specs/openid-connect-backchannel-1_0.html, could you take a look at this PR? This blocks an important feature for oauth2-proxy: oauth2-proxy/oauth2-proxy#1224

Successfully merging this pull request may close these issues.

Logout Token Validation Support?