mirror of
https://github.com/Drop-OSS/drop.git
synced 2026-01-31 15:37:09 +01:00
f04daf0388
* prevent returning expired sessions * add issuer to ODIC creds * get id token in ODIC * make session signin return session * working backchannel logout? * require https for ODIC provider * handle wellknown not being https * find session api progress * fix windows build * return session token on session * switch OIDC to #searchSessions * update pnpm * switch to using message on error obj * move odic callback * fix type errors * redirect old oidc callback * make redirect url a URL * remove scheduled task downloadCleanup * fix session search for oidc * fix signin result * cleanup code * ignore data dir * fix lint error
47 lines
1.1 KiB
TypeScript
47 lines
1.1 KiB
TypeScript
// import sessionHandler from "~/server/internal/session";
|
|
import authManager from "~/server/internal/auth";
|
|
|
|
defineRouteMeta({
|
|
openAPI: {
|
|
tags: ["Auth", "OIDC"],
|
|
description: "OIDC logout back-channel",
|
|
parameters: [],
|
|
},
|
|
});
|
|
|
|
export default defineEventHandler(async (h3) => {
|
|
// dont cache logout responses
|
|
setHeader(h3, "Cache-Control", "no-store");
|
|
|
|
const enabledAuthManagers = authManager.getAuthProviders();
|
|
if (!enabledAuthManagers.OpenID)
|
|
throw createError({
|
|
statusCode: 400,
|
|
message: "OIDC not enabled.",
|
|
});
|
|
|
|
const logout_token = (await readFormData(h3)).get("logout_token");
|
|
if (typeof logout_token !== "string")
|
|
throw createError({
|
|
statusCode: 400,
|
|
message: "Invalid OIDC logout notification.",
|
|
});
|
|
const okay = await enabledAuthManagers.OpenID.handleLogout(logout_token);
|
|
if (!okay) {
|
|
throw createError({
|
|
statusCode: 400,
|
|
message: "Invalid OIDC logout notification.",
|
|
});
|
|
}
|
|
|
|
// const result = OIDCLogoutTokenV1(logout_token);
|
|
|
|
// const manager = enabledAuthManagers.OpenID;
|
|
|
|
// const query = getQuery(h3);
|
|
|
|
return {
|
|
success: true,
|
|
};
|
|
});
|