diff --git a/src/auth0-session/client/edge-client.ts b/src/auth0-session/client/edge-client.ts index 371f6ecf..463407b7 100644 --- a/src/auth0-session/client/edge-client.ts +++ b/src/auth0-session/client/edge-client.ts @@ -193,7 +193,7 @@ export class EdgeClient extends AbstractClient { this.config.idpLogout && (this.config.auth0Logout || (issuerUrl.hostname.match('\\.auth0\\.com$') && this.config.auth0Logout !== false)) ) { - const { id_token_hint, post_logout_redirect_uri, ...extraParams } = parameters; + const { post_logout_redirect_uri, ...extraParams } = parameters; const auth0LogoutUrl: URL = new URL(urlJoin(as.issuer, '/v2/logout')); post_logout_redirect_uri && auth0LogoutUrl.searchParams.set('returnTo', post_logout_redirect_uri); auth0LogoutUrl.searchParams.set('client_id', this.config.clientID); diff --git a/src/auth0-session/client/node-client.ts b/src/auth0-session/client/node-client.ts index d7f1f8d7..5a2811ca 100644 --- a/src/auth0-session/client/node-client.ts +++ b/src/auth0-session/client/node-client.ts @@ -147,7 +147,7 @@ export class NodeClient extends AbstractClient { ) { Object.defineProperty(this.client, 'endSessionUrl', { value(params: EndSessionParameters) { - const { id_token_hint, post_logout_redirect_uri, ...extraParams } = params; + const { post_logout_redirect_uri, ...extraParams } = params; const parsedUrl = new URL(urlJoin(issuer.metadata.issuer, '/v2/logout')); parsedUrl.searchParams.set('client_id', config.clientID); post_logout_redirect_uri && parsedUrl.searchParams.set('returnTo', post_logout_redirect_uri); diff --git a/tests/auth0-session/client/edge-client.test.ts b/tests/auth0-session/client/edge-client.test.ts index 81718e5a..090e0cce 100644 --- a/tests/auth0-session/client/edge-client.test.ts +++ b/tests/auth0-session/client/edge-client.test.ts 
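Review bot: With `id_token_hint` no longer pulled out of the destructuring in edge-client.ts, it falls into `extraParams` and, judging by the tests added in this commit, ends up in the `/v2/logout` query string, so the raw ID token now travels in a URL that can land in browser history and proxy or access logs. The same applies to the `endSessionUrl` override in node-client.ts. Carrying the hint as a query parameter is how RP-initiated logout works, but nothing on the line says the pass-through is deliberate; a comment above each destructuring such as `// id_token_hint stays in extraParams on purpose: /v2/logout accepts it, and the token is then visible in the logout URL` would help. The code that serializes `extraParams` lies outside both hunks, so it is worth confirming that an undefined `id_token_hint` (no ID token in the session) is dropped rather than written out as a literal value.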
@@ -235,6 +235,24 @@ describe('edge client', function () {
 );
 });
 
+ it('should create custom logout for auth0 with id_token_hint', async function () {
+ nock('https://test.eu.auth0.com')
+ .get('/.well-known/openid-configuration')
+ .reply(200, { ...wellKnown, issuer: 'https://test.eu.auth0.com/', end_session_endpoint: undefined });
+ nock('https://test.eu.auth0.com').get('/.well-known/jwks.json').reply(200, jwks);
+
+ const client = await getClient({
+ issuerBaseURL: 'https://test.eu.auth0.com',
+ idpLogout: true,
+ });
+
+ const idToken = await makeIdToken()
+
+ await expect(client.endSessionUrl({ post_logout_redirect_uri: 'foo', id_token_hint: idToken })).resolves.toEqual(
+ `https://test.eu.auth0.com/v2/logout?returnTo=foo&client_id=__test_client_id__&id_token_hint=${idToken}`
+ );
+ });
+
 it('should remove null params from oidc logout endpoint', async function () {
 const client = await getClient({ ...defaultConfig, idpLogout: true });
 await expect(client.endSessionUrl({ foo: null } as any)).resolves.toEqual(
diff --git a/tests/auth0-session/client/node-client.test.ts b/tests/auth0-session/client/node-client.test.ts
index bb55d548..51cee394 100644
--- a/tests/auth0-session/client/node-client.test.ts
+++ b/tests/auth0-session/client/node-client.test.ts
@@ -1,6 +1,6 @@
 import nock from 'nock';
 import { getConfig, ConfigParameters } from '../../../src/auth0-session';
-import { jwks } from '../fixtures/cert';
+import { jwks, makeIdToken } from '../fixtures/cert';
 import pkg from '../../../package.json';
 import wellKnown from '../fixtures/well-known.json';
 import version from '../../../src/version';
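Review bot: The new edge-client test pins the exact query-string order (`returnTo` before `client_id` here, the reverse in the matching test added to node-client.test.ts), so a harmless reordering of the `searchParams.set` calls would break it. Asserting on the parsed URL, for example `new URL(url).searchParams.get('id_token_hint')` compared with `idToken`, would check what the change is actually about. `const idToken = await makeIdToken()` is missing its semicolon in both tests. This file's diff adds no import for `makeIdToken`, unlike node-client.test.ts, so it is presumably already imported here; worth confirming.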
@@ -180,6 +180,24 @@ describe('node client', function () {
 );
 });
 
+ it('should create custom logout for auth0 with id_token_hint', async function () {
+ nock('https://test.eu.auth0.com')
+ .get('/.well-known/openid-configuration')
+ .reply(200, { ...wellKnown, issuer: 'https://test.eu.auth0.com/', end_session_endpoint: undefined });
+ nock('https://test.eu.auth0.com').get('/.well-known/jwks.json').reply(200, jwks);
+
+ const client = await getClient({
+ issuerBaseURL: 'https://test.eu.auth0.com',
+ idpLogout: true,
+ });
+
+ const idToken = await makeIdToken()
+
+ await expect(client.endSessionUrl({ post_logout_redirect_uri: 'foo', id_token_hint: idToken })).resolves.toEqual(
+ `https://test.eu.auth0.com/v2/logout?client_id=__test_client_id__&returnTo=foo&id_token_hint=${idToken}`
+ );
+ });
+
 it('should handle limited openid-configuration', async function () {
 nock('https://op2.example.com')
 .get('/.well-known/openid-configuration')