Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Route "/o/logout" returns 500 Internal Server Error #1280

Closed
Polaris-d opened this issue Jun 2, 2023 · 0 comments · Fixed by #1284
Closed

Route "/o/logout" returns 500 Internal Server Error #1280

Polaris-d opened this issue Jun 2, 2023 · 0 comments · Fixed by #1284
Labels
bug

Comments

@Polaris-d
Copy link

Describe the bug
When the logout request comes from an anonymous user and the ID Token is empty, clicking the Logout button will return 500 Internal Server Error

To Reproduce
In the case of not logging in, open "/o/logout" directly, make sure that the parameter id_token_hint is not carried, and then click the "Logout" button to reproduce this problem

Expected behavior
I think that when no id_token is provided and it is impossible to confirm which user the request came from, a 400 error should be returned to remind the user that we cannot perform an exit operation for him/her

Version
V2.3.0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
1 participant
@Polaris-d