[KEYCLOAK-10752] - Passing id_token_hint when login out

This commit is contained in:
Pedro Igor 2021-02-04 11:05:11 -03:00
parent 456cdc51f2
commit 1434695616

View file

@ -197,7 +197,7 @@ public class KeycloakInstalled {
CallbackListener callback = new CallbackListener(); CallbackListener callback = new CallbackListener();
callback.start(); callback.start();
String redirectUri = String.format("http://%s:%s", getListenHostname(), callback.getLocalPort()); String redirectUri = getRedirectUri(callback);
String state = UUID.randomUUID().toString(); String state = UUID.randomUUID().toString();
Pkce pkce = deployment.isPkce() ? generatePkce() : null; Pkce pkce = deployment.isPkce() ? generatePkce() : null;
@ -257,10 +257,12 @@ public class KeycloakInstalled {
CallbackListener callback = new CallbackListener(); CallbackListener callback = new CallbackListener();
callback.start(); callback.start();
String redirectUri = String.format("http://%s:%s", getListenHostname(), callback.getLocalPort()); String redirectUri = getRedirectUri(callback);
// pass the id_token_hint so that sessions is invalidated for this particular session
String logoutUrl = deployment.getLogoutUrl().clone() String logoutUrl = deployment.getLogoutUrl().clone()
.queryParam(OAuth2Constants.REDIRECT_URI, redirectUri) .queryParam(OAuth2Constants.REDIRECT_URI, redirectUri)
.queryParam("id_token_hint", idTokenString)
.build().toString(); .build().toString();
Desktop.getDesktop().browse(new URI(logoutUrl)); Desktop.getDesktop().browse(new URI(logoutUrl));
@ -273,6 +275,10 @@ public class KeycloakInstalled {
} }
} }
private String getRedirectUri(CallbackListener callback) {
return String.format("http://%s:%s", getListenHostname(), callback.getLocalPort());
}
public void loginManual() throws IOException, ServerRequest.HttpFailure, VerificationException { public void loginManual() throws IOException, ServerRequest.HttpFailure, VerificationException {
loginManual(System.out, new InputStreamReader(System.in)); loginManual(System.out, new InputStreamReader(System.in));
} }