Remove OIDC logout to ensure SSO session consists
Encotric committed Aug 2, 2023
1 parent be9df8e commit efa659b
Showing 1 changed file with 7 additions and 7 deletions.
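--- a/core/admin/mailu/sso/views/base.py
+++ b/core/admin/mailu/sso/views/base.py
@@ -96,13 +96,13 @@ def login():
 @sso.route('/logout', methods=['GET'])
 @access.authenticated
 def logout():
-if utils.oic_client.is_enabled():
-if 'openid_token' not in flask.session:
-return logout_legacy()
-if 'state' in flask.request.args and 'state' in flask.session:
-if flask.request.args.get('state') == flask.session['state']:
-return logout_legacy()
-return redirect(utils.oic_client.logout(flask.session['openid_id_token']))
+#if utils.oic_client.is_enabled():
+# if 'openid_token' not in flask.session:
+# return logout_legacy()
+# if 'state' in flask.request.args and 'state' in flask.session:
+# if flask.request.args.get('state') == flask.session['state']:
+# return logout_legacy()
+# return redirect(utils.oic_client.logout(flask.session['openid_id_token']))
 return logout_legacy()
 
 @sso.route('/backchannel-logout', methods=['POST'])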
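Review bot: With the OIDC branch of `logout()` commented out, `/logout` now always ends only the local session, so when OIDC is enabled the identity provider's session outlives a Mailu logout and the next SSO login may succeed without re-authentication. The commit title suggests this is intended, but it is a security-relevant behaviour change on shared or unattended browsers and is not recorded in the code. I would delete the seven commented lines rather than keep them as dead code, and state the decision above the return, e.g. `# Local logout only: the IdP session is deliberately left active, so SSO re-login may not prompt for credentials.` If some deployments still need provider-side logout, gating the old branch behind an explicit setting would be safer than removing it for everyone. Whether `logout_legacy()` also drops `openid_token` and `openid_id_token` from `flask.session` is not visible in this hunk and is worth confirming, since those values no longer pass through the provider logout path.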
