vikunja/pkg/modules/auth
kolaente 6f4a21ddad fix(auth): read cached provider for OIDC logout so it never blocks on discovery
BuildEndSessionURL called GetProvider, which unconditionally runs
setOicdProvider -> oidc.NewProvider, a live HTTP GET of the OP's
discovery document (with RetryWithBackoff). On every logout this is an
unnecessary round-trip, and when the OP is unreachable the retries make
/user/logout hang, defeating the "logout stays responsive" guarantee.

The logout path only needs static fields already cached on the provider
(EndSessionURL/LogoutURL/ClientID); it never touches the live
openIDProvider/Oauth2Config. Add a cache-only getCachedProvider accessor
(GetProvider without the trailing setOicdProvider) and have
BuildEndSessionURL use it.

Login/callback keep using GetProvider: token exchange and ID-token
verification legitimately need the live-provider rehydration.
2026-06-19 17:52:45 +02:00
..
ldap fix(auth): skip profile updates for disabled LDAP users 2026-03-23 16:37:26 +00:00
oauth2server fix(auth): build OIDC end-session URL with id_token_hint and post_logout_redirect_uri 2026-06-19 16:06:26 +02:00
openid fix(auth): read cached provider for OIDC logout so it never blocks on discovery 2026-06-19 17:52:45 +02:00
auth.go fix(auth): build OIDC end-session URL with id_token_hint and post_logout_redirect_uri 2026-06-19 16:06:26 +02:00
auth_test.go feat(auth): add GetAuthFromContext for Huma handlers 2026-05-31 12:56:57 +00:00