Support OIDC backchannel logouts (#11414)
If configured an OIDC IdP can log a user's session out of Synapse when they log out of the identity provider. The IdP sends a request directly to Synapse (and must be configured with an endpoint) when a user logs out.
Showing
- changelog.d/11414.feature 1 addition, 0 deletionschangelog.d/11414.feature
- docs/openid.md 14 additions, 0 deletionsdocs/openid.md
- docs/usage/configuration/config_documentation.md 9 additions, 0 deletionsdocs/usage/configuration/config_documentation.md
- synapse/config/oidc.py 12 additions, 0 deletionssynapse/config/oidc.py
- synapse/handlers/oidc.py 345 additions, 36 deletionssynapse/handlers/oidc.py
- synapse/handlers/sso.py 71 additions, 0 deletionssynapse/handlers/sso.py
- synapse/rest/synapse/client/oidc/__init__.py 4 additions, 0 deletionssynapse/rest/synapse/client/oidc/__init__.py
- synapse/rest/synapse/client/oidc/backchannel_logout_resource.py 35 additions, 0 deletions...e/rest/synapse/client/oidc/backchannel_logout_resource.py
- synapse/storage/databases/main/registration.py 21 additions, 0 deletionssynapse/storage/databases/main/registration.py
- tests/rest/client/test_auth.py 366 additions, 24 deletionstests/rest/client/test_auth.py
- tests/rest/client/utils.py 51 additions, 4 deletionstests/rest/client/utils.py
- tests/server.py 6 additions, 0 deletionstests/server.py
- tests/test_utils/oidc.py 25 additions, 2 deletionstests/test_utils/oidc.py
Loading
Please register or sign in to comment