Include SP name in OIDC logout confirmation#7086
Merged
mitchellhenke merged 7 commits intomainfrom Oct 5, 2022
Merged
Conversation
mitchellhenke
commented
Oct 4, 2022
Contributor
Author
There was a problem hiding this comment.
This is kind of a double check for whether the service provider exists and has a friendly name. I'm not sure if all SPs have a friendly name, but there's a future where we support OIDC Logout without redirecting and this block will be useful then too.
@orenyk do all SPs have a friendly name?
aduth
approved these changes
Oct 4, 2022
mitchellhenke
force-pushed
the
mitchellhenke/include-sp-name-in-oidc-logout-confirmation
branch
2 times, most recently
from
fe12f90 to
4321665
Compare
…ogout confirmation page changelog: Improvements, OpenID Connect Logout, Add content indicating users will return to the service provider on logout confirmation page
Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov>
mitchellhenke
force-pushed
the
mitchellhenke/include-sp-name-in-oidc-logout-confirmation
branch
from
4321665 to
a360b6f
Compare
mitchellhenke
force-pushed
the
mitchellhenke/include-sp-name-in-oidc-logout-confirmation
branch
from
a360b6f to
32e1209
Compare
aduth
approved these changes
Oct 5, 2022
| post_logout_redirect_uri: logout_params[:post_logout_redirect_uri], | ||
| } | ||
| @params[:state] = logout_params[:state] if !logout_params[:state].nil? | ||
| @service_provider_name = @logout_form.service_provider&.friendly_name |
Contributor
There was a problem hiding this comment.
Is it even possible to get to this point without service_provider being present?
Contributor
Author
There was a problem hiding this comment.
Currently no, but we have some potential changes on the horizon where that may change.
Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov>
mitchellhenke
force-pushed
the
mitchellhenke/include-sp-name-in-oidc-logout-confirmation
branch
2 times, most recently
from
4da1258 to
58fe197
Compare
mitchellhenke
deleted the
mitchellhenke/include-sp-name-in-oidc-logout-confirmation
branch
jskinne3
pushed a commit
that referenced
this pull request
Oct 12, 2022
* add failing spec * Add content indicating users will return to the service provider on logout confirmation page changelog: Improvements, OpenID Connect Logout, Add content indicating users will return to the service provider on logout confirmation page Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
🛠 Summary of changes
To make RP-initiated OIDC Logout clearer for users, we should be explicit that they will return to the SP. This PR intends to add content to clarify this.
👀 Screenshots