Skip to content

Commit da50d61

Browse files
adhocoreadhocore
committed
fix: token is not mandatory for signout
1 parent c78812c commit da50d61

File tree

1 file changed

+8
-11
lines changed

1 file changed

+8
-11
lines changed

goic.go

Lines changed: 8 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -434,25 +434,22 @@ func (g *Goic) SignOut(tok *Token, redir string, res http.ResponseWriter, req *h
434434
}
435435

436436
p, ok := g.providers[tok.Provider]
437-
if !ok || p.wellKnown.SignOutURI == "" {
437+
if !ok || !p.CanSignOut() {
438438
return ErrProviderSupport
439439
}
440440

441-
tk := tok.AccessToken
442-
if tk == "" && tok.RefreshToken != "" {
443-
tk = tok.RefreshToken
444-
}
445-
if tk == "" {
446-
return ErrTokenAccessKey
447-
}
448-
449441
redirect, err := http.NewRequest("GET", p.wellKnown.SignOutURI, nil)
450442
if err != nil {
451443
return err
452444
}
453445

454-
qry := redirect.URL.Query()
455-
qry.Add("id_token_hint", tk)
446+
tk, qry := tok.AccessToken, redirect.URL.Query()
447+
if tk == "" && tok.RefreshToken != "" {
448+
tk = tok.RefreshToken
449+
}
450+
if tk != "" {
451+
qry.Add("id_token_hint", tk)
452+
}
456453
if redir != "" {
457454
qry.Add("post_logout_redirect_uri", redir)
458455
}

0 commit comments

Comments
 (0)