makiolaj/GearBox
1
0
Fork 0
Code Issues 8 Pull Requests Actions Packages Projects Releases 10 Wiki Activity

fix: use GEARBOX_URL for post-logout redirect URI
Some checks failed
CI / ci (push) Failing after 12s
Details
CI / e2e (push) Has been skipped
Details
CI / deploy (push) Has been skipped
Details

Browse Source 
Behind a reverse proxy, c.req.url resolves to internal URL which
doesn't match the registered post_logout_redirect_uri in Logto.
Use GEARBOX_URL env var (already required for OAuth) as the
redirect target.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Jean-Luc Makiola
2026-04-12 22:05:53 +02:00
parent cba3804b31
commit 4241023950
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/server/index.ts
View File

@@ -103,8 +103,10 @@ app.get("/logout", async (c) => {
const postLogoutRedirect = new URL("/", c.req.url).origin;
if (issuer) {
const clientId = process.env.OIDC_CLIENT_ID;
const redirectUri =
process.env.GEARBOX_URL || postLogoutRedirect;
return c.redirect(
`${issuer}/session/end?client_id=${encodeURIComponent(clientId || "")}&post_logout_redirect_uri=${encodeURIComponent(postLogoutRedirect)}`,
`${issuer}/session/end?client_id=${encodeURIComponent(clientId || "")}&post_logout_redirect_uri=${encodeURIComponent(redirectUri)}`,
);
}
return c.redirect("/");