MCPcopy
hub / github.com/oauth2-proxy/oauth2-proxy / SignOut

Method SignOut

oauthproxy.go:757–786  ·  view source on GitHub ↗

SignOut sends a response to clear the authentication cookie

(rw http.ResponseWriter, req *http.Request)

Source from the content-addressed store, hash-verified

755
756// SignOut sends a response to clear the authentication cookie
757func (p *OAuthProxy) SignOut(rw http.ResponseWriter, req *http.Request) {
758 redirect, err := p.appDirector.GetRedirect(req)
759 if err != nil {
760 logger.Errorf("Error obtaining redirect: %v", err)
761 p.ErrorPage(rw, req, http.StatusInternalServerError, err.Error())
762 return
763 }
764
765 if strings.Contains(redirect, idTokenPlaceholder) {
766 session, err := p.getAuthenticatedSession(rw, req)
767 if err != nil {
768 logger.Errorf("error getting authenticated session during SignOut, won't replace id_token placeholder in redirect URL: %v", err)
769 } else {
770 redirect = strings.ReplaceAll(redirect, idTokenPlaceholder, session.IDToken)
771 }
772 }
773
774 // Call backend logout before clearing the session so we still have the session
775 // (and id_token) available to invoke the provider's logout endpoint
776 p.backendLogout(rw, req)
777
778 err = p.ClearSessionCookie(rw, req)
779 if err != nil {
780 logger.Errorf("Error clearing session cookie: %v", err)
781 p.ErrorPage(rw, req, http.StatusInternalServerError, err.Error())
782 return
783 }
784
785 http.Redirect(rw, req, redirect, http.StatusFound)
786}
787
788func (p *OAuthProxy) backendLogout(rw http.ResponseWriter, req *http.Request) {
789 session, err := p.getAuthenticatedSession(rw, req)

Callers 1

Calls 7

ErrorPageMethod · 0.95
backendLogoutMethod · 0.95
ClearSessionCookieMethod · 0.95
ErrorfFunction · 0.92
GetRedirectMethod · 0.65
ErrorMethod · 0.65

Tested by 1