Merge commit '4576b5aa2b6c6034247d3cd136fe15c82d27a6f4'

Refactored logout endpoint
Merge pull request 'Added port stripping' (#78 ) from payments into master
2026-06-05 06:15:50 +00:00 · 2026-06-05 08:15:13 +02:00 · 2026-06-05 07:37:16 +02:00 · 2026-06-05 07:36:41 +02:00 · 2026-06-05 06:40:33 +02:00 · 2026-06-05 06:39:47 +02:00
1 changed files with 26 additions and 23 deletions
@@ -41,6 +41,25 @@ public static class Api
            options.Scope.Add("openid");
            options.Scope.Add("profile");
            options.Scope.Add("email");
+
+            options.Events = new OpenIdConnectEvents
+            {
+                OnRedirectToIdentityProvider = context =>
+                {
+                    if (!string.IsNullOrEmpty(context.ProtocolMessage.RedirectUri) && context.ProtocolMessage.RedirectUri.StartsWith("http://", StringComparison.OrdinalIgnoreCase))
+                    {
+                        var uriBuilder = new UriBuilder(context.ProtocolMessage.RedirectUri)
+                        {
+                            Scheme = "https",
+                            Port = -1,
+                        };
+
+                        context.ProtocolMessage.RedirectUri = uriBuilder.Uri.ToString();
+                    }
+
+                    return Task.CompletedTask;
+                },
+            };
        });

        return services;
@@ -87,36 +106,20 @@ public static class Api
        {
            await context.ChallengeAsync(OpenIdConnectDefaults.AuthenticationScheme, new AuthenticationProperties
            {
-                RedirectUri = redirectUri,
+                RedirectUri = redirectUri,                
            });
        });

        app.MapGet("/logout", async (HttpContext context, IHttpClientFactory httpClientFactory, IOptions<AuthentikSettings> settings) =>
        {
-            var authOptions = settings.Value;
-            var accessToken = await context.GetTokenAsync("access_token");
-
-            if (!string.IsNullOrEmpty(accessToken))
-            {
-                try
-                {
-                    var client = httpClientFactory.CreateClient();
-
-                    var requestContent = new FormUrlEncodedContent(new Dictionary<string, string>(StringComparer.Ordinal)
-                    {
-                        { "token", accessToken },
-                        { "client_id", authOptions.ClientId! },
-                        { "client_secret", authOptions.ClientSecret! },
-                    });
-
-                    await client.PostAsync(authOptions.RevokationEndpoint, requestContent, context.RequestAborted);
-                }
-                catch { }
-            }
-
            await context.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);

-            return Results.Redirect("/");
+            string currentBaseUrl = $"https://{context.Request.Host}{context.Request.PathBase}/";
+
+            await context.SignOutAsync(OpenIdConnectDefaults.AuthenticationScheme, new AuthenticationProperties
+            {
+                RedirectUri = currentBaseUrl
+            });
        });

        return app;
Author	SHA1	Message	Date
khwezi	95ae2c74cf	Merge commit '4576b5aa2b6c6034247d3cd136fe15c82d27a6f4'	2026-06-05 06:15:50 +00:00
Khwezi Mngoma	4576b5aa2b	Refactored logout endpoint continuous-integration/drone/pr Build is passing Details	2026-06-05 08:15:13 +02:00
khwezi	3847927ace	Merge pull request 'Added port stripping' (#78 ) from payments into master Reviewed-on: #78	2026-06-05 07:37:16 +02:00
Khwezi Mngoma	d38d1dd059	Added port stripping continuous-integration/drone/pr Build is passing Details	2026-06-05 07:36:41 +02:00
khwezi	c27aba1954	Merge pull request 'Forcing login https proto on redirect' (#77 ) from payments into master Reviewed-on: #77	2026-06-05 06:40:33 +02:00
Khwezi Mngoma	e646d16053	Forcing login https proto on redirect continuous-integration/drone/pr Build is passing Details	2026-06-05 06:39:47 +02:00