cameleer/cameleer-server
1
0
Fork 0
Code Issues 41 Pull Requests Actions Packages Projects Releases Wiki Activity

fix: make OIDC logout resilient to end-session endpoint failures
All checks were successful
CI / cleanup-branch (push) Has been skipped
Details
CI / build (push) Successful in 1m32s
Details
CI / docker (push) Successful in 1m13s
Details
CI / deploy-feature (push) Has been skipped
Details
CI / deploy (push) Successful in 37s
Details

Browse Source 
Fire end-session via fetch(no-cors) instead of window.location redirect.
Always navigate to /login?local regardless of whether end-session
succeeds, preventing broken JSON responses from blocking logout.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
hsiegeln
2026-04-06 23:06:56 +02:00
parent a443abe6ae
commit 95b35f6203
1 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
ui/src/auth/auth-store.ts
View File

@@ -154,15 +154,17 @@ export const useAuthStore = create<AuthState>((set, get) => ({
isAuthenticated: false,
error: null,
});
const loginUrl = `${config.basePath}login?local`;
if (endSessionEndpoint && idToken) {
const postLogoutRedirect = `${window.location.origin}${config.basePath}login?local`;
const params = new URLSearchParams({
id_token_hint: idToken,
post_logout_redirect_uri: postLogoutRedirect,
post_logout_redirect_uri: `${window.location.origin}${config.basePath}login?local`,
});
fetch(`${endSessionEndpoint}?${params}`, { mode: 'no-cors' }).finally(() => {
window.location.href = loginUrl;
});
window.location.href = `${endSessionEndpoint}?${params}`;
} else {
window.location.href = `${config.basePath}login?local`;
window.location.href = loginUrl;
}
},
}));