Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Logout Not Working #3913

Open
5 tasks done
emtammaru opened this issue Dec 19, 2024 · 0 comments
Open
5 tasks done

Logout Not Working #3913

emtammaru opened this issue Dec 19, 2024 · 0 comments
Labels
bug Something is not working.

Comments

@emtammaru
Copy link

Preflight checklist

Ory Network Project

No response

Describe the bug

The quickstart configuration includes a logout config logout: http://127.0.0.1:3000/logout, and there's also a logout page in the sample app which are not working for me. There's no logout button, so by looking in the API Reference docs I found the oauth2/sessions/logout endpoint. It does not redirect to the configured logout page as would be expected to complete the logout challenge flow (adminGetOAuth2LogoutRequest followed by adminAcceptOAuth2LogoutRequest). Am I missing something? Looked through the source code, and I see it trying to redirect here:

hydra/consent/strategy_default.go

Line 878 in 3a09db2

http.Redirect(w, r, urlx.SetQuery(s.c.LogoutURL(ctx), url.Values{"logout_challenge": {challenge}}).String(), http.StatusFound)
But it's getting stuck somewhere? Planning to debug it myself, but wanted to create an issue in case anyone else has experienced similar or else I'm simply missing some config.

Reproducing the bug

  1. Run 5 minute quick-start tutorial for self-hosting hydra (https://www.ory.sh/docs/hydra/5min-tutorial)
  2. After logging in, navigate in the browser to oauth2/sessions/logout
  3. Expected to be redirected to the logout page http://127.0.0.1:3000/logout to complete the logout flow but instead am redirected to default post logout URL.

Screen recording of steps to reproduce below:
https://github.com/user-attachments/assets/6ef6dbbf-c5b5-4f65-b35d-e4d1b340d1af

Relevant log output

The only error in the logs is:

hydra-1          | time=2024-12-19T19:57:30Z level=error msg=A request failed because configuration key "urls.post_logout_redirect" is missing or malformed. audience=application service_name=Ory Hydra service_version=v2.2.0

I tried setting the post_logout_redirect config, and it does redirect there. However, it still never redirects to http://127.0.0.1:3000/logout with a logout challenge.



### Relevant configuration

```yml
serve:
  cookies:
    same_site_mode: Lax

urls:
  self:
    issuer: http://127.0.0.1:4444
  consent: http://127.0.0.1:3000/consent
  login: http://127.0.0.1:3000/login
  logout: http://127.0.0.1:3000/logout

secrets:
  system:
    - youReallyNeedToChangeThis

oidc:
  subject_identifiers:
    supported_types:
      - pairwise
      - public
    pairwise:
      salt: youReallyNeedToChangeThis

Version

v2.2 and master

On which operating system are you observing this issue?

macOS

In which environment are you deploying?

None

Additional Context

No response
@emtammaru emtammaru added the bug Something is not working. label Dec 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something is not working.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@emtammaru