Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to log out from a session? #354

Open
croessner opened this issue Nov 22, 2024 · 1 comment
Open

How to log out from a session? #354

croessner opened this issue Nov 22, 2024 · 1 comment
Labels
❓ question Further information is requested

Comments

@croessner
Copy link

Problem Statement

Good things first:

I can successfully use Ory-Hydra as OIDC-server with my project Nauthilus (which implements hydra endpoints...).

I see the login page and I can enter user, password, TOTP and the connection is established. Very well!

Not using default browser (Brave)

But now I wonder, how I could logout from the session? Viscosity does not use my default browser Brave. Also Safari seems not to be the browser Viscosity used to log in.

Hydra can remember a logged-in session for some time (in my case, a week). If you want to log out earlier, I would visit:
https://oauth.******.me:4444/oauth2/sessions/logout

How can I log out from Viscosity?

As this project has listed SparkLabs, I hope this is the right place for my question.

Additional

I have added my env further down. Feel free to add Ory-Hydra and Nauthilus to your docs.

openvpn-auth-oauth2 logs

There are no issues when connecting.

Environment

  • openvpn-auth-oauth2 Version: 1.22.4
  • OpenVPN Server Version: 2.6.12-jammy0 (Repo from OpenVPN)
  • Server OS: Ubuntu 22.04 LTS - ESM
  • OpenVPN Client (flavor, OS): Viscosity 1.11.3 on macOS Sequoia
  • Ory-Hydra (https://www.ory.sh/): 2.2.0
  • Nauthilus (github.com/croessner/nauthilus): dev

My running config for this OIDC-provider looks like this, in case you want to add it to your docs:

CONFIG_OAUTH2_PROVIDER="generic"
CONFIG_OAUTH2_ISSUER="https://oauth.******.me:4444"
CONFIG_OAUTH2_CLIENT_ID="******"
CONFIG_OAUTH2_CLIENT_SECRET="******"
CONFIG_OAUTH2_SCOPES="openid profile"

Created hydra client like this:

docker exec -it hydra \
  hydra create oauth2-client \
    --endpoint https://oauth.******.me:4445 \
    --format json \
    --name "OpenVPN" \
    --grant-type authorization_code,refresh_token \
    --response-type token,code,id_token \
    --token-endpoint-auth-method client_secret_post \
    --redirect-uri https://oauth2-baseurl-goes-here/oauth2/callback \
    --scope openid,profile \
    --contact optional@mailaddress.tld \
    --owner optional@mailaddress.tld \
    --policy-uri https://******/datenschutz/ \
    --tos-uri https://******/impressum/ \
    --client-uri https://******/anwendungen/ \
    --skip-consent
@croessner croessner added the ❓ question Further information is requested label Nov 22, 2024
@jkroepke
Copy link
Owner

There should be an option on Viscosity side to clear session cookies OR not store session cookies for the internal web view browser.

To my best knowledge, I guess such option does not exists, but that needs to be implemented on Viscosity side. If you are Viscosity customer, you may have to reach out the Viscosity support for that.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
❓ question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jkroepke @croessner