Had problems with logout. Now, fixed.

Author: rohe

example/flask_rp/conf.json

@@ -301,6 +301,32 @@
       "post_logout_redirect_uri": "https://{domain}:{port}/session_logout/bobcat",
       "frontchannel_logout_uri": "https://{domain}:{port}/fc_logout/bobcat",
       "frontchannel_logout_session_required": true
+    },
+    "local": {
+      "issuer": "https://127.0.0.1:5000/",
+      "client_preferences": {
+        "application_name": "rphandler",
+        "application_type": "web",
+        "contacts": [
+          "[email protected]"
+        ],
+        "response_types": [
+          "code"
+        ],
+        "scope": [
+          "openid",
+          "profile",
+          "email",
+          "address",
+          "phone"
+        ]
+      },
+      "redirect_uris": [
+        "https://{domain}:{port}/authz_cb/local"
+      ],
+      "post_logout_redirect_uri": "https://{domain}:{port}/session_logout/local",
+      "frontchannel_logout_uri": "https://{domain}:{port}/fc_logout/local",
+      "frontchannel_logout_session_required": true
     }
   },
   "webserver": {

example/flask_rp/views.py

@@ -233,7 +233,6 @@ def session_change():
 # post_logout_redirect_uri
 @oidc_rp_views.route('/session_logout/<op_identifier>')
 def session_logout(op_identifier):
-    op_identifier = get_op_identifier_by_cb_uri(request.url)
     _rp = get_rp(op_identifier)
     logger.debug('post_logout')
     return "Post logout from {}".format(_rp.client_get("service_context").issuer)

pyproject.toml

@@ -7,7 +7,7 @@ build-backend = "setuptools.build_meta"
 
 [metadata]
 name = "idpyoidc"
-version = "1.0.5"
+version = "1.0.6"
 author = "Roland Hedberg"
 author_email = "[email protected]"
 description = "Everything OAuth2 and OIDC"

src/idpyoidc/__init__.py

@@ -1,5 +1,5 @@
 __author__ = "Roland Hedberg"
-__version__ = "1.0.5"
+__version__ = "1.0.6"
 
 import os
 from typing import Dict

src/idpyoidc/server/client_authn.py

@@ -486,6 +486,7 @@ def verify_client(
         if not _method.is_usable(request=request, authorization_token=authorization_token):
             continue
         try:
+            logger.info(f"Verifying client authentication using {_method.tag}")
             auth_info = _method.verify(
                 request=request,
                 authorization_token=authorization_token,

src/idpyoidc/server/oauth2/authorization.py

@@ -129,7 +129,10 @@ def verify_uri(
     if client_info is None:
         raise KeyError("No such client")
 
-    redirect_uris = client_info.get(f"{uri_type}s")
+    if uri_type == "redirect_uri":
+        redirect_uris = client_info.get(f"{uri_type}s")
+    else:
+        redirect_uris = client_info.get(f"{uri_type}")
 
     if redirect_uris is None:
         raise RedirectURIError(f"No registered {uri_type} for {_cid}")

src/idpyoidc/server/oidc/session.py

@@ -361,7 +361,7 @@ def parse_request(self, request, http_info=None, **kwargs):
 
         # Verify that the client is allowed to do this
         auth_info = self.client_authentication(request, http_info, **kwargs)
-        if not auth_info:
+        if not auth_info or auth_info["method"] == "none":
             pass
         elif isinstance(auth_info, ResponseMessage):
             return auth_info