post_logout_redirect_uri not post_logout_redirect_uris

rohe · rohe · commit 28f87513b260 · 2021-10-13T12:16:03.000+02:00
diff --git a/example/flask_rp/conf.json b/example/flask_rp/conf.json
@@ -162,9 +162,7 @@
       "redirect_uris": [
         "https://{domain}:{port}/authz_cb/local"
       ],
-      "post_logout_redirect_uris": [
-        "https://{domain}:{port}/session_logout/local"
-      ],
+      "post_logout_redirect_uri": "https://{domain}:{port}/session_logout/local",
       "frontchannel_logout_uri": "https://{domain}:{port}/fc_logout/local",
       "frontchannel_logout_session_required": true,
       "backchannel_logout_uri": "https://{domain}:{port}/bc_logout/local",
@@ -231,9 +229,7 @@
       "redirect_uris": [
         "https://{domain}:{port}/authz_cb/django"
       ],
-      "post_logout_redirect_uris": [
-        "https://{domain}:{port}/session_logout/django"
-      ],
+      "post_logout_redirect_uris": "https://{domain}:{port}/session_logout/django",
       "frontchannel_logout_uri": "https://{domain}:{port}/fc_logout/django",
       "frontchannel_logout_session_required": true,
       "backchannel_logout_uri": "https://{domain}:{port}/bc_logout/django",
diff --git a/src/oidcrp/configure.py b/src/oidcrp/configure.py
@@ -100,7 +100,7 @@ def extend(self, entity_conf, conf, base_path, file_attributes, domain, port):
 
 
 URIS = [
-    "redirect_uris", 'post_logout_redirect_uris', 'frontchannel_logout_uri',
+    "redirect_uris", 'post_logout_redirect_uri', 'frontchannel_logout_uri',
     'backchannel_logout_uri', 'issuer', 'base_url']
 
 
diff --git a/src/oidcrp/oidc/end_session.py b/src/oidcrp/oidc/end_session.py
@@ -59,7 +59,7 @@ def add_post_logout_redirect_uri(self, request_args=None, **kwargs):
             if _uri:
                 request_args['post_logout_redirect_uri'] = _uri
             else:
-                _uris = _context.callback.get("post_logout_redirect_uris", [])
+                _uris = _context.callback.get("post_logout_redirect_uri", [])
                 if _uris:
                     request_args['post_logout_redirect_uri'] = _uris[0]
 
diff --git a/src/oidcrp/oidc/registration.py b/src/oidcrp/oidc/registration.py
@@ -80,7 +80,7 @@ def create_callbacks(issuer: str,
         res["request_uris"] = f"{base_url}/req_uri/{_hex}"
 
     if backchannel_logout_uri or frontchannel_logout_uri:
-        res["post_logout_redirect_uris"] = [f"{base_url}/session_logout/{_hex}"]
+        res["post_logout_redirect_uri"] = [f"{base_url}/session_logout/{_hex}"]
 
     if backchannel_logout_uri:
         res["backchannel_logout_uri"] = f"{base_url}/bc_logout/{_hex}"
@@ -162,7 +162,7 @@ def add_callbacks(context, ignore: Optional[List[str]] = None):
     context.set('callback', callbacks)
 
 
-CALLBACK_URIS = ["post_logout_redirect_uris", "backchannel_logout_uri", "frontchannel_logout_uri",
+CALLBACK_URIS = ["post_logout_redirect_uri", "backchannel_logout_uri", "frontchannel_logout_uri",
                  "request_uris", 'redirect_uris']
 
 
diff --git a/src/oidcrp/rp_handler.py b/src/oidcrp/rp_handler.py
@@ -273,8 +273,8 @@ def do_client_registration(self, client=None,
         self.hash2issuer[iss_id] = _iss
 
         # This should only be interesting if the client supports Single Log Out
-        # if _context.callback.get("post_logout_redirect_uris") is None:
-        #     _context.callback["post_logout_redirect_uris"] = [self.base_url]
+        # if _context.callback.get("post_logout_redirect_uri") is None:
+        #     _context.callback["post_logout_redirect_uri"] = [self.base_url]
 
         if not _context.client_id:  # means I have to do dynamic client registration
             if request_args is None:
diff --git a/tests/test_13_oidc_service.py b/tests/test_13_oidc_service.py
@@ -608,11 +608,11 @@ def test_construct(self):
 
     def test_config_with_post_logout(self):
         self.service.client_get("service_context").register_args[
-            'post_logout_redirect_uris'] = ['https://example.com/post_logout']
+            'post_logout_redirect_uri'] = 'https://example.com/post_logout'
         _req = self.service.construct()
         assert isinstance(_req, RegistrationRequest)
         assert len(_req) == 5
-        assert 'post_logout_redirect_uris' in _req
+        assert 'post_logout_redirect_uri' in _req
 
 
 def test_config_with_required_request_uri():
@@ -666,7 +666,7 @@ def test_config_logout_uri():
     assert len(_req) == 7
     assert 'request_uris' in _req
     assert 'frontchannel_logout_uri' in _req
-    assert 'post_logout_redirect_uris' in _req
+    assert 'post_logout_redirect_uri' in _req
 
 
 class TestUserInfo(object):
@@ -874,7 +874,7 @@ def create_request(self):
             'redirect_uris': ['https://example.com/cli/authz_cb'],
             'issuer': self._iss, 'requests_dir': 'requests',
             'base_url': 'https://example.com/cli/',
-            'post_logout_redirect_uris': ['https://example.com/post_logout']
+            'post_logout_redirect_uri': 'https://example.com/post_logout'
         }
         services = {
             "checksession": {
diff --git a/tests/test_20_rp_handler_oidc.py b/tests/test_20_rp_handler_oidc.py
@@ -312,7 +312,7 @@ def test_do_client_registration(self):
         # only 2 things should have happened
 
         assert self.rph.hash2issuer['github'] == issuer
-        assert client.client_get("service_context").callback.get("post_logout_redirect_uris") is None
+        assert client.client_get("service_context").callback.get("post_logout_redirect_uri") is None
 
     def test_do_client_setup(self):
         client = self.rph.client_setup('github')
