cameleer/cameleer-saas
2
0
Fork 0
Code Issues 24 Pull Requests Actions Packages Projects Releases Wiki Activity

fix(auth): register tenant /login as OIDC post-logout redirect URI
All checks were successful
CI / build (push) Successful in 2m22s
Details
CI / docker (push) Successful in 1m7s
Details

Browse Source 
Server sends /t/{slug}/login as post_logout_redirect_uri on logout but
only /t/{slug} and /t/{slug}/login?local were registered, causing
"post_logout_redirect_uri not registered" error from Logto.

Also removes legacy /server/* redirect URIs from bootstrap (greenfield).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
hsiegeln
2026-04-28 19:15:18 +02:00
parent 61fc7f224f
commit 15c47fe36c
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docker/logto-bootstrap.sh
View File

@@ -46,8 +46,8 @@ AUTH="${AUTH_HOST:-$HOST}"
PROTO="${PUBLIC_PROTOCOL:-https}"
SPA_REDIRECT_URIS="[\"${PROTO}://${HOST}/platform/callback\"]"
SPA_POST_LOGOUT_URIS="[\"${PROTO}://${HOST}/platform/login\",\"${PROTO}://${HOST}/platform/\"]"
TRAD_REDIRECT_URIS="[\"${PROTO}://${HOST}/oidc/callback\",\"${PROTO}://${HOST}/server/oidc/callback\"]"
TRAD_POST_LOGOUT_URIS="[\"${PROTO}://${HOST}\",\"${PROTO}://${HOST}/server\",\"${PROTO}://${HOST}/server/login?local\"]"
TRAD_REDIRECT_URIS="[\"${PROTO}://${HOST}/oidc/callback\"]"
TRAD_POST_LOGOUT_URIS="[\"${PROTO}://${HOST}\"]"
log() { echo "[bootstrap] $1"; }
pgpass() { PGPASSWORD="${PG_PASSWORD:-cameleer_dev}"; export PGPASSWORD; }

2
src/main/java/io/cameleer/saas/vendor/VendorTenantService.java vendored
View File

@@ -113,7 +113,7 @@ public class VendorTenantService {
String slug = tenant.getSlug();
logtoClient.addAppRedirectUris(tradAppId,
List.of(base + "/t/" + slug + "/oidc/callback"),
List.of(base + "/t/" + slug, base + "/t/" + slug + "/login?local"));
List.of(base + "/t/" + slug, base + "/t/" + slug + "/login", base + "/t/" + slug + "/login?local"));
}
}