Skip to content

SSO Phase 1 Task 7: logout revokes the SSO session #263

Description

@ahmetabdullahgultekin

Why: Logout must terminate the hub session and expire the cookie, or a stolen/leftover cookie keeps minting codes.

Done when:

  • Modify the POST /auth/logout handler/service to revoke the SSO session in the store + expire the fv_sso cookie (max-age 0) when the flag is ON.
  • Failing test first (extends the logout test): after logout the session is revoked and the response expires the cookie.

source: docs/SSO_APP_LAUNCHER_PHASE1_PLAN.md:78


Migrated from docs/SSO_APP_LAUNCHER_PHASE1_PLAN.md (git history retains the original).

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions