External-Mirrors/keycloak
2
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-01-09 23:12:06 -03:30
Code Issues Packages Projects Releases Wiki Activity

Use a hidden form to do POST based logout (#34694) (#34953)

Browse Source 
Closes #32648

Signed-off-by: Jon Koops <jonkoops@gmail.com>
(cherry picked from commit b2930a4799ad66e65a50384b6a505463bcf1c80b)
This commit is contained in:
Jon Koops 2024-11-22 13:16:08 +01:00 committed by GitHub
parent 0537659e91
commit b756844919
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 24 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
js/libs/keycloak-js/src/keycloak.js
View File

@ -1335,30 +1335,33 @@ function Keycloak (config) {
return;
}
const logoutUrl = kc.createLogoutUrl(options);
const response = await fetch(logoutUrl, {
method: "POST",
headers: {
"Content-Type": "application/x-www-form-urlencoded"
},
body: new URLSearchParams({
id_token_hint: kc.idToken,
client_id: kc.clientId,
post_logout_redirect_uri: adapter.redirectUri(options, false)
})
});
// Create form to send POST request.
const form = document.createElement("form");
if (response.redirected) {
window.location.href = response.url;
return;
form.setAttribute("method", "POST");
form.setAttribute("action", kc.createLogoutUrl(options));
form.style.display = "none";
// Add data to form as hidden input fields.
const data = {
id_token_hint: kc.idToken,
client_id: kc.clientId,
post_logout_redirect_uri: adapter.redirectUri(options, false)
};
for (const [name, value] of Object.entries(data)) {
const input = document.createElement("input");
input.setAttribute("type", "hidden");
input.setAttribute("name", name);
input.setAttribute("value", value);
form.appendChild(input);
}
if (response.ok) {
window.location.reload();
return;
}
throw new Error("Logout failed, request returned an error code.");
// Append form to page and submit it to perform logout and redirect.
document.body.appendChild(form);
form.submit();
},
register: function(options) {