🪲

Author: quochuydev

app1/ui/Home.tsx

@@ -28,14 +28,8 @@ export default function Home() {
               onSelectAccount={(session) => console.log(session)}
               session={sessions[0]}
               sessions={sessions}
-              signOut={async (sessionId) => {
-                await fetch("https://auth.example.local/api/v1/signout", {
-                  method: "post",
-                  credentials: "include",
-                  body: JSON.stringify({ sessionId }),
-                }).then((response) => response.json());
-
-                reloadSessions();
+              signOut={() => {
+                window.location.href = `https://auth.example.local/auth/signout?id_token_hint=${sessions[0].idToken}&return_url=https://app.example.local/app1/hello`;
               }}
             />
           </div>

auth/app/api/auth/signout/route.ts

@@ -5,60 +5,66 @@ import { prisma } from "@/lib/prisma";
 import { NextRequest, NextResponse } from "next/server";
 
 export async function POST(request: NextRequest) {
-  const body = (await request.json()) as {
-    returnUrl?: string;
-    idTokenHint?: string;
-    clientId?: string;
-    postLogoutRedirectUri?: string;
-    state?: string;
-  };
-  const { returnUrl, idTokenHint, clientId, postLogoutRedirectUri, state } =
-    body;
+  try {
+    const body = (await request.json()) as {
+      returnUrl?: string;
+      idTokenHint?: string;
+      clientId?: string;
+      postLogoutRedirectUri?: string;
+      state?: string;
+    };
+    const { returnUrl, idTokenHint, state } = body;
 
-  const wellKnownResponse = await fetch(
-    `${configuration.portal.issuer}/.well-known/openid-configuration`
-  );
+    const wellKnownResponse = await fetch(
+      `${configuration.portal.issuer}/.well-known/openid-configuration`
+    );
 
-  const wellKnown = (await wellKnownResponse.json()) as {
-    issuer: string;
-    authorization_endpoint: string;
-    token_endpoint: string;
-    userinfo_endpoint: string;
-    end_session_endpoint: string;
-  };
+    const wellKnown = (await wellKnownResponse.json()) as {
+      issuer: string;
+      authorization_endpoint: string;
+      token_endpoint: string;
+      userinfo_endpoint: string;
+      end_session_endpoint: string;
+    };
 
-  if (wellKnownResponse.status !== 200) {
-    throw { code: wellKnownResponse.status, details: wellKnown };
-  }
+    if (wellKnownResponse.status !== 200) {
+      throw { code: wellKnownResponse.status, details: wellKnown };
+    }
 
-  const params: {
-    id_token_hint?: string;
-    client_id?: string;
-    post_logout_redirect_uri?: string;
-    state?: string;
-  } = {
-    id_token_hint: idTokenHint,
-    client_id: clientId,
-    post_logout_redirect_uri: postLogoutRedirectUri,
-    state: state,
-  };
+    const params: {
+      client_id?: string;
+      post_logout_redirect_uri?: string;
+      id_token_hint?: string;
+      state?: string;
+    } = {
+      client_id: configuration.portal.clientId,
+      post_logout_redirect_uri: configuration.portal.postLogoutRedirectUri,
+    };
 
-  if (idTokenHint) {
-    await prisma.session.updateMany({
-      where: {
-        idToken: idTokenHint,
-      },
-      data: {
-        deletedAt: new Date(),
-      },
-    });
-  }
+    if (idTokenHint) params.id_token_hint = idTokenHint;
+    if (state) params.state = state;
 
-  const endSessionUrl = `${
-    wellKnown.end_session_endpoint
-  }?${new URLSearchParams(params).toString()}`;
+    if (idTokenHint) {
+      await prisma.session.updateMany({
+        where: {
+          idToken: idTokenHint,
+        },
+        data: {
+          deletedAt: new Date(),
+        },
+      });
+    }
 
-  if (returnUrl) setShortLiveCookie(returnUrlCookieName, returnUrl);
+    const endSessionUrl = `${
+      wellKnown.end_session_endpoint
+    }?${new URLSearchParams(params).toString()}`;
 
-  return NextResponse.json({ endSessionUrl });
+    if (returnUrl) setShortLiveCookie(returnUrlCookieName, returnUrl);
+
+    return NextResponse.json({ endSessionUrl });
+  } catch (error: any) {
+    return NextResponse.json(error.details || { message: error.message }, {
+      status: error.code,
+    });
+  }
 }

auth/configuration.ts

@@ -41,6 +41,7 @@ const configuration = {
     issuer: "https://system-v1-fpms4l.zitadel.cloud",
     clientId: "279716137237868517",
     redirectUrl: "https://auth.example.local/api/auth/callback",
+    postLogoutRedirectUri: "https://auth.example.local/auth/signedout",
   },
 };