cameleer/cameleer-server
1
0
Fork 0
Code Issues 42 Pull Requests Actions Packages Projects Releases Wiki Activity

Add OIDC logout, fix OpenAPI schema types, expose end_session_endpoint
All checks were successful
CI / build (push) Successful in 1m8s
Details
CI / docker (push) Successful in 51s
Details
CI / deploy (push) Successful in 29s
Details

Browse Source 
Backend:
- Expose end_session_endpoint from OIDC provider metadata in /auth/oidc/config
- Add getEndSessionEndpoint() to OidcTokenExchanger

Frontend:
- On OIDC logout, redirect to provider's end_session_endpoint to clear SSO session
- Strip /api/v1 prefix from OpenAPI paths to match client baseUrl convention
- Add schema-types.ts with convenience type re-exports from generated schema
- Fix all type imports to use schema-types instead of raw generated schema
- Fix optional field access (processors, children, duration) with proper typing
- Fix AgentInstance.state → status field name

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
hsiegeln
2026-03-14 14:43:18 +01:00
parent 0d82304cf0
commit 50bb22d6f6
15 changed files with 1755 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/OidcAuthController.java
View File

@@ -16,6 +16,7 @@ import org.springframework.web.bind.annotation.RestController;
import java.net.URI;
import java.time.Instant;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Optional;
@@ -60,11 +61,15 @@ public class OidcAuthController {
try {
OidcConfig oidc = config.get();
return ResponseEntity.ok(Map.of(
"issuer", oidc.issuerUri(),
"clientId", oidc.clientId(),
"authorizationEndpoint", tokenExchanger.getAuthorizationEndpoint()
));
Map<String, Object> response = new LinkedHashMap<>();
response.put("issuer", oidc.issuerUri());
response.put("clientId", oidc.clientId());
response.put("authorizationEndpoint", tokenExchanger.getAuthorizationEndpoint());
String endSessionEndpoint = tokenExchanger.getEndSessionEndpoint();
if (endSessionEndpoint != null) {
response.put("endSessionEndpoint", endSessionEndpoint);
}
return ResponseEntity.ok(response);
} catch (Exception e) {
log.error("Failed to retrieve OIDC provider metadata: {}", e.getMessage());
return ResponseEntity.internalServerError()

9
cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/OidcTokenExchanger.java
View File

@@ -114,6 +114,15 @@ public class OidcTokenExchanger {
return getProviderMetadata(config.issuerUri()).getAuthorizationEndpointURI().toString();
}
/**
* Returns the provider's end-session (logout) endpoint, or {@code null} if not advertised.
*/
public String getEndSessionEndpoint() throws Exception {
OidcConfig config = getConfig();
URI uri = getProviderMetadata(config.issuerUri()).getEndSessionEndpointURI();
return uri != null ? uri.toString() : null;
}
/**
* Invalidates cached provider metadata and JWKS processor.
* Call after OIDC configuration is updated in the database.