Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow logout+jwt JWT type for reactive #15847

Merged
merged 1 commit into from
Sep 30, 2024
Merged

Allow logout+jwt JWT type for reactive #15847

merged 1 commit into from
Sep 30, 2024

Conversation

c1rd3cm
Copy link
Contributor

@c1rd3cm c1rd3cm commented Sep 24, 2024
edited
Loading

The OIDC back-channel spec recommends using a logout token typ logout+jwt (see here).

Support of this type was recently added on the Servlet side, so backporting the same on the reactive side to
close the gap.

Closes gh-15702

@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Sep 24, 2024
@jzheaux
Copy link
Contributor

jzheaux commented Sep 26, 2024

Thanks, @c1rd3cm! Before this gets merged, will you please update the commit message so that it ends with the following on its own line:

Closes gh-15702

This will allow the associated issue to be closed upon merge. It also makes it easier to perform research in the future when ascertaining why a certain change was made.

@jzheaux jzheaux self-assigned this Sep 26, 2024
@jzheaux jzheaux added type: enhancement A general enhancement in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: waiting-for-feedback We need additional information before we can continue and removed status: waiting-for-triage An issue we've not yet triaged labels Sep 26, 2024
@c1rd3cm
Allow logout+jwt JWT type for reactive
9dff1a6 
The OIDC back-channel spec recommends using a logout token typ `logout+jwt`
(see [here](https://openid.net/specs/openid-connect-backchannel-1_0-final.html#LogoutToken).

Support of this type was recently added [on the servlet side]([on the Servlet side](spring-projects@9101bf1)), so back
porting the same on the reactive side to close the gap.

Closes spring-projectsgh-15702
@c1rd3cm
Copy link
Contributor Author

c1rd3cm commented Sep 27, 2024

Thanks for the review @jzheaux. Sorry, this is my first time submitting a PR, and I saw that I missed the reference to the issue in my commit but I thought that having it the PR would be enough. I updated my commit description and did a force push, I hope this is the right way.

@spring-projects-issues spring-projects-issues added status: feedback-provided Feedback has been provided and removed status: waiting-for-feedback We need additional information before we can continue labels Sep 27, 2024
@jzheaux
Copy link
Contributor

jzheaux commented Sep 30, 2024

Looks great, @c1rd3cm. Thanks for the update.

@jzheaux jzheaux added this to the 6.4.0-RC1 milestone Sep 30, 2024
@jzheaux jzheaux merged commit aceb5fa into spring-projects:main Sep 30, 2024
6 checks passed
@jzheaux
Copy link
Contributor

jzheaux commented Sep 30, 2024

Thanks again, @c1rd3cm! This is now merged into main.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@jzheaux jzheaux

Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: feedback-provided Feedback has been provided type: enhancement A general enhancement
Projects
None yet
Milestone
6.4.0-RC1
Development

Successfully merging this pull request may close these issues.

Supporting logout+jwt for back-channel logout with spring-webflux
3 participants
@c1rd3cm @jzheaux @spring-projects-issues