3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-08-04 01:09:36 +02:00
Code Issues Projects Releases Packages Wiki Activity

authenticate: revoke current session oauth token before sign out (#964)

Browse source 
authenticate: revoke current session oauth token before sign out

After #926, we don't revoke access token before sign out anymore. It
causes sign out can not work, because right after user click on sign out
button, we redirect user to idp provider authenticate page with a valid
access token, so user is logged in immediately again.

To fix it, just revoke the access token before sign out.
This commit is contained in:
Cuong Manh Le 2020-06-23 00:55:55 +07:00 committed by GitHub
parent dbf020a532
commit 99142b7293
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 32 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

6
internal/identity/manager/misc.go
View file

@ -100,7 +100,8 @@ func fromSessionSchedulerKey(key string) (userID, sessionID string) {
return userID, sessionID
}
func fromOAuthToken(token *session.OAuthToken) *oauth2.Token {
// FromOAuthToken converts a session oauth token to oauth2.Token.
func FromOAuthToken(token *session.OAuthToken) *oauth2.Token {
expiry, _ := ptypes.Timestamp(token.GetExpiresAt())
return &oauth2.Token{
AccessToken: token.GetAccessToken(),
@ -110,7 +111,8 @@ func fromOAuthToken(token *session.OAuthToken) *oauth2.Token {
}
}
func toOAuthToken(token *oauth2.Token) *session.OAuthToken {
// ToOAuthToken converts an oauth2.Token to a session oauth token.
func ToOAuthToken(token *oauth2.Token) *session.OAuthToken {
expiry, _ := ptypes.TimestampProto(token.Expiry)
return &session.OAuthToken{
AccessToken: token.AccessToken,