fix: allow endSessionUrl defaults to be overridden
panva committed Oct 19, 2022
1 parent 6fd9350 commit 7cc2402
Showing 4 changed files with 29 additions and 12 deletions.
4 changes: 2 additions & 2 deletions README.md
Expand Up @@ -42,7 +42,7 @@ openid-client.
- self_signed_tls_client_auth
- [RFC9101 - OAuth 2.0 JWT-Secured Authorization Request (JAR)][feature-jar]
- [RFC9126 - OAuth 2.0 Pushed Authorization Requests (PAR)][feature-par]
- [OpenID Connect RP-Initiated Logout 1.0 - draft 01][feature-rp-logout]
- [OpenID Connect RP-Initiated Logout 1.0][feature-rp-logout]
- [Financial-grade API Security Profile 1.0 - Part 2: Advanced (FAPI)][feature-fapi]
- [JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) - ID1][feature-jarm]
- [OAuth 2.0 Demonstration of Proof-of-Possession at the Application Layer (DPoP) - draft 04][feature-dpop]
Expand Down Expand Up @@ -272,7 +272,7 @@ See [Customizing (docs)][documentation-customizing].
[feature-introspection]: https://tools.ietf.org/html/rfc7662
[feature-mtls]: https://tools.ietf.org/html/rfc8705
[feature-device-flow]: https://tools.ietf.org/html/rfc8628
[feature-rp-logout]: https://openid.net/specs/openid-connect-rpinitiated-1_0-01.html
[feature-rp-logout]: https://openid.net/specs/openid-connect-rpinitiated-1_0.html
[feature-jarm]: https://openid.net/specs/openid-financial-api-jarm-ID1.html
[feature-fapi]: https://openid.net/specs/openid-financial-api-part-2-1_0.html
[feature-dpop]: https://tools.ietf.org/html/draft-ietf-oauth-dpop-04
1 change: 1 addition & 0 deletions docs/README.md
Expand Up @@ -242,6 +242,7 @@ parameters.

- `parameters`: `<Object>`
- `id_token_hint`: `<string>` &vert; `<TokenSet>`
- `client_id`: `<string>` **Default:** client's client_id
- `post_logout_redirect_uri`: `<string>` **Default:** If only a single
`client.post_logout_redirect_uris` member is present that one will be used automatically.
- `state`: `<string>`
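
Review bot: The new `client_id` entry gives the default but does not say that the value is now added to every logout URL when the caller passes nothing, nor that a passed value replaces the client's own. Suggest stating both, in the same style as the `post_logout_redirect_uri` entry below it, so callers know the generated URL changes even without a code change on their side.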
21 changes: 11 additions & 10 deletions lib/client.js
Expand Up @@ -288,25 +288,26 @@ class BaseClient {

const { post_logout_redirect_uri = length === 1 ? postLogout : undefined } = params;

let hint = params.id_token_hint;
if (hint instanceof TokenSet) {
if (!hint.id_token) {
let id_token_hint;
({ id_token_hint, ...params } = params);
if (id_token_hint instanceof TokenSet) {
if (!id_token_hint.id_token) {
throw new TypeError('id_token not present in TokenSet');
}
hint = hint.id_token;
id_token_hint = id_token_hint.id_token;
}

const target = url.parse(this.issuer.end_session_endpoint, true);
target.search = null;
target.query = {
...params,
...target.query,
...{
defaults(
target.query,
params,
{
post_logout_redirect_uri,
id_token_hint: hint,
client_id: this.client_id,
},
};
{ id_token_hint },
);

Object.entries(target.query).forEach(([key, value]) => {
if (value === null || value === undefined) {
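
Review bot: In the `defaults(target.query, params, { ... }, { id_token_hint })` call, the argument order is the whole behaviour of this fix, but nothing in the hunk states which argument wins. The `defaults` helper is not visible here; if earlier arguments take priority, query parameters already present on `issuer.end_session_endpoint` can now pre-empt `post_logout_redirect_uri` and `id_token_hint`, which the removed spread always applied last, and a caller-supplied `client_id` replaces `this.client_id`. Suggest a short comment naming the intended precedence, and a note in the docs that `client_id` in the logout URL is caller-controlled, so applications should pass an explicit set of parameters rather than forwarding request-derived objects into `endSessionUrl`. Separately, `({ id_token_hint, ...params } = params)` reassigns the function parameter; a new local name for the rest object would read more clearly.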
15 changes: 15 additions & 0 deletions test/client/client_instance.test.js
Expand Up @@ -288,6 +288,21 @@ describe('Client', () => {
).to.throw(TypeError, 'id_token not present in TokenSet');
});

it('allows to override default applied values', function () {
expect(
url.parse(
this.client.endSessionUrl({
post_logout_redirect_uri: 'override',
client_id: 'override',
}),
true,
).query,
).to.eql({
post_logout_redirect_uri: 'override',
client_id: 'override',
});
});

it('allows for recommended and optional query params to be passed in', function () {
expect(
url.parse(
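
Review bot: The new case 'allows to override default applied values' checks only the override path, with two string values and no `id_token_hint`. The `client_id: this.client_id` default added in lib/client.js has no assertion of its own in this hunk; suggest one case that calls `endSessionUrl` without `client_id` and expects the client's own value, and one that passes `id_token_hint` together with the overrides to pin down that the hint still reaches the query.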
