[Common] Enhance OAuth2 logout and discovery handling #3534
Open
Sn0w3y wants to merge 5 commits into OpenEMS:develop from
This update introduces several key enhancements to the OAuth2 authentication flow, focusing on improving logout functionality and the handling of OIDC Discovery. Specifically:

1. **OAuth2 Logout Enhancements**: Implemented a new logout mechanism that revokes the refresh token at the OAuth provider, ensuring a more secure and complete user logout process. This is particularly important for services where session integrity and termination are critical for security.
2. **OIDC Discovery Handling**: Added support for OIDC Discovery, allowing for dynamic fetching of OAuth2 provider configurations. This makes the authentication flow more flexible and adaptable to different providers, ensuring better compatibility and ease of configuration.
3. **Code Refactoring and Cleanup**: Refactored the authentication-related code to improve clarity and maintainability. This includes better separation of concerns, clearer method names, and the removal of hardcoded URLs in favor of dynamically discovered endpoints.

These changes aim to enhance the security and usability of the OAuth2 authentication flow within the application, providing a more robust and user-friendly authentication experience.
This commit cleans up the OAuthService
Codecov Report
❌ Patch coverage is
❌ Your patch check has failed because the patch coverage (10.00%) is below the target coverage (75.00%). You can increase the patch coverage or adjust the target coverage.
Additional details and impacted files
@@ Coverage Diff @@
## develop #3534 +/- ##
==============================================
- Coverage 59.41% 29.25% -30.15%
==============================================
Files 3068 290 -2778
Lines 133081 8315 -124766
Branches 9816 1420 -8396
==============================================
- Hits 79055 2432 -76623
+ Misses 51043 5751 -45292
+ Partials 2983 132 -2851
Summary
Changes
Backend
- `logout(String oem, String refreshToken)` method
- credentials
- `authService.logout(oem, refreshToken)` to revoke token at OAuth provider
- `wsData.logout()` to properly clean up the WebSocket session
- `{ success: true }` on completion

UI
- `OAuthLogoutRequest` and `OAuthLogoutResponse` classes
- `logout()` method that sends refresh token to backend for revocation
- `logout()` to:
  - `onLoggedOut()` even on error to ensure local cleanup
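
The logout flow described in this pull request, as an added example that is not code from the PR or from OpenEMS: it validates an OIDC discovery document, builds the RFC 7009 revocation request for the refresh token, and always runs local cleanup. All function and type names, the public-client `client_id` parameter and the synchronous `send` callback are assumptions.

```typescript
// Added example, not OpenEMS code. Metadata fields follow OIDC Discovery / RFC 8414,
// the request follows RFC 7009; every function and type name here is hypothetical.
interface ProviderMetadata { issuer?: string; revocation_endpoint?: string; }
interface RevocationRequest { url: string; headers: Record<string, string>; body: string; }

// Validate the discovered metadata before trusting any endpoint taken from it.
function revocationEndpoint(meta: ProviderMetadata, configuredIssuer: string): string {
  // Issuer must equal the configured one, or a swapped document could redirect the token.
  if (meta.issuer !== configuredIssuer) {
    throw new Error("issuer mismatch in discovery document");
  }
  const url = meta.revocation_endpoint;
  if (!url) {
    throw new Error("provider advertises no revocation_endpoint");
  }
  // The refresh token is a credential: refuse to send it over plain HTTP.
  if (!/^https:\/\//i.test(url)) {
    throw new Error("revocation_endpoint must use https");
  }
  return url;
}

// RFC 7009 request: form-encoded token plus a hint that it is a refresh token.
// Assumption: a public client that identifies itself with client_id only.
function buildRevocationRequest(meta: ProviderMetadata, configuredIssuer: string,
                                refreshToken: string, clientId: string): RevocationRequest {
  const form: string[][] = [["token", refreshToken],
                            ["token_type_hint", "refresh_token"], ["client_id", clientId]];
  return {
    url: revocationEndpoint(meta, configuredIssuer),
    headers: { "Content-Type": "application/x-www-form-urlencoded" },
    body: form.map(([k, v]) => k + "=" + encodeURIComponent(v)).join("&"),
  };
}

// Logout that clears local state whether or not revocation succeeded. `send` is the
// caller's HTTP transport, synchronous here (an assumption) so the example runs offline.
function logout(meta: ProviderMetadata, configuredIssuer: string, refreshToken: string,
                clientId: string, send: (req: RevocationRequest) => void,
                onLoggedOut: () => void): boolean {
  try {
    send(buildRevocationRequest(meta, configuredIssuer, refreshToken, clientId));
    return true;
  } catch (e) {
    return false; // token may still be valid at the provider: log and alert on this
  } finally {
    onLoggedOut();
  }
}
```

A `false` return means the refresh token was not revoked at the provider even though the local session is gone, so the caller should record it rather than discard it.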