makiolaj/GearBox
1
0
Fork 0
Code Issues 8 Pull Requests Actions Packages Projects Releases 10 Wiki Activity

fix: include client_id in Logto end-session redirect
All checks were successful
CI / ci (push) Successful in 1m13s
Details
CI / e2e (push) Has been skipped
Details
CI / deploy (push) Successful in 13s
Details

Browse Source 
Logto needs client_id to validate the post_logout_redirect_uri and
auto-redirect back to the app. Without it, user gets stuck on
Logto's end-session success page.

Note: post_logout_redirect_uri must be registered in Logto Console
under the app's "Post sign-out redirect URIs".

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Jean-Luc Makiola
2026-04-12 21:58:27 +02:00
parent 23cfbf7e4b
commit cba3804b31
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/server/index.ts
View File

@@ -102,8 +102,9 @@ app.get("/logout", async (c) => {
const issuer = process.env.OIDC_ISSUER;
const postLogoutRedirect = new URL("/", c.req.url).origin;
if (issuer) {
const clientId = process.env.OIDC_CLIENT_ID;
return c.redirect(
`${issuer}/session/end?post_logout_redirect_uri=${encodeURIComponent(postLogoutRedirect)}`,
`${issuer}/session/end?client_id=${encodeURIComponent(clientId || "")}&post_logout_redirect_uri=${encodeURIComponent(postLogoutRedirect)}`,
);
}
return c.redirect("/");