Pass id_token_hint on logout

fsinfuhh · Feb 8, 2024 · e6d69b9 · e6d69b9
1 parent edfa16c
commit e6d69b9
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 15 deletions.
diff --git a/src/simple_openid_connect/data.py b/src/simple_openid_connect/data.py
@@ -201,9 +201,6 @@ class Config:
     sid: Optional[str]
     "OPTIONAL. Session ID - String identifier for a Session. This represents a Session of a User Agent or device for a logged-in End-User at an RP. Different sid values are used to identify distinct sessions at an OP. The sid value need only be unique in the context of a particular issuer. Its contents are opaque to the RP."
 
-    raw_token: Optional[str]
-    "The raw token received from the issuer."
-
     def validate_extern(
         self,
         issuer: str,
@@ -297,14 +294,6 @@ def validate_extern(
                 "The session associated with this ID-Token was authenticated too far in the past",
             )
 
-    @classmethod
-    def parse_jwt(
-        cls: Type["IdToken"], value: str, signing_keys: List[JWK]
-    ) -> "IdToken":
-        token = super().parse_jwt(value, signing_keys)
-        token.raw_token = value
-        return token
-
 
 class JwtAccessToken(OpenidBaseModel):
     """

diff --git a/src/simple_openid_connect/integrations/django/models.py b/src/simple_openid_connect/integrations/django/models.py
@@ -87,6 +87,7 @@ def update_session(
             refresh_token=token_response.refresh_token or "",
             refresh_token_expiry=_calc_expiry(token_response.refresh_expires_in),
             _id_token=id_token.json(),  # type: ignore[unused-ignore,misc]
+            raw_id_token=token_response.id_token,
         )
 
 
@@ -107,6 +108,7 @@ class OpenidSession(models.Model):
     refresh_token = models.TextField(blank=True)
     refresh_token_expiry = models.DateTimeField(null=True)
     _id_token = models.TextField("json representation of this sessions is token")
+    raw_id_token = models.TextField(blank=True)
 
     @property
     def id_token(self) -> IdToken:
@@ -116,13 +118,10 @@ def id_token(self) -> IdToken:
     def id_token(self, value: IdToken) -> None:
         self._id_token = value.json()
 
-    @property
-    def raw_id_token(self) -> Optional[str]:
-        return self.id_token.raw_token
-
     def update_session(self, token_response: TokenSuccessResponse) -> None:
         self.scope = str(token_response.scope)
         self.access_token = token_response.access_token
         self.access_token_expiry = _calc_expiry(token_response.expires_in)
         self.refresh_token = token_response.refresh_token or ""
         self.refresh_token_expiry = _calc_expiry(token_response.refresh_expires_in)
+        self.raw_id_token = token_response.id_token