https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=31900
Alexander Wagner <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #10 from Alexander Wagner <[email protected]> --- In our system we use OIDC as authentication and this works fine. However, it is an SSO login that will also open up quite a few other web services like mail etc. Therefore, we believe that a logout from Koha should also initiate a logout at the IdP. Otherwise, the user sees a successful logout but in fact you can still happily open up any other service (and even koha) again without authentication. Therefore, I tried to work on this bug but was not able to really solve the issue. AFAIS it is necessary to enhance `checkauth()` in `Auth.pm` in the `if ($logout) { }` branch and call the relevant logout-url there. This logout-url requires an `id_token` and/or `oidc_stat` that is passed on during login. But I do not understand how to pass these tokens on from the login functions properly. It seems that `Koha::REST::V1::Client` gets the necessary tokens when `login()` returns and they should go with the `$session` from there on. So I could retrieve them during logout and pass them on in the logout url. But there is some magic beyond my limited powers involved. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
