fix: logout problems in combination of Proxy and keycloak

Author: mfd2007

README.md

@@ -166,6 +166,17 @@ There are the following default users:
 |all        |all        |**auditor, reviewer, publisher, editor, author, registred**  |
 |none       |none       |                                                             |
 
+### Login & Logout in combination with Secvisogram
+
+Some explantion on the logoutUrl configured in `.well-known/appspecific/de.bsi.secvisogram.json` for Secvisogram
+
+``` 
+"logoutUrl": "/oauth2/sign_out?rd=http://localhost/realms/csaf/protocol/openid-connect/logout?post_logout_redirect_uri=http%3A%2F%2Flocalhost&client_id=secvisogram", 
+```
+
+`/oauth2/sign_out` is the logout URI from the OAUTH-Proxy. This will invalidate the session on the proxy. Then a redirect to Keycloak (`http://localhost/realms/csaf/protocol/openid-connect/logout?post_logout_redirect_uri=http%3A%2F%2Flocalhost&client_id=secvisogram`) is necessary to log out the session on keyloak. Then there is a redirect back to Secvisogram (`localhost`).
+
+When changes hostnames this has to adopted. 
 
 ### build and execute tests
 

docker/secvisogram/appspecific/de.bsi.secvisogram.json

@@ -1,7 +1,7 @@
 {
   "loginAvailable": true,
-  "loginUrl": "/oauth2/sign_in?rd=http%3A%2F%2Flocalhost%3A9000",
-  "logoutUrl": "/oauth2/sign_out?rd=http%3A%2F%2Flocalhost%3A9000",
+  "loginUrl": "/oauth2/sign_in?rd=http%3A%2F%2Flocalhost",
+  "logoutUrl": "/oauth2/sign_out?rd=http://localhost/realms/csaf/protocol/openid-connect/logout?post_logout_redirect_uri=http%3A%2F%2Flocalhost&client_id=secvisogram",
   "userInfoUrl": "/oauth2/userinfo",
   "validatorUrl": "/validate"
 }

keycloak/csaf-realm.json

@@ -42,7 +42,7 @@
   "registrationAllowed": false,
   "verifyEmail": false,
   "attributes" : {
-    "frontendUrl": "http://localhost:9000/"
+    "frontendUrl": "http://localhost/"
   },
   "roles": {
     "client": {