starred/pocket-id-pocket-id-2
1
0
Fork 0
mirror of https://github.com/pocket-id/pocket-id.git synced 2025-12-09 14:42:59 +03:00
Code Issues 116 Packages Projects Releases 10 Wiki Activity

🐛 Bug Report: using end_session_endpoint with Audiobookshelf causes ABS to log back in #360

New Issue
Closed
opened 2025-10-09 16:41:50 +03:00 by OVERLORD · 2 comments
OVERLORD commented 2025-10-09 16:41:50 +03:00
Owner
Copy Link

Originally created by @EweSparky on GitHub.

Reproduction steps

I updated my Audiobookshelf instance with an OIDC logout URL of https://id.example.com/api/oidc/end-session in Settings > Authentication. ABS doesn't have its own logout callback URL, so I left that parameter blank in Pocket ID > OIDC Clients > Audiobookshelf configuration.

I open an incognito tab, log into ABS with Pocket ID, get redirected back to ABS, click on my username and click on Logout.

Expected behavior

ABS redirects to Pocket ID and asks if I want to log out of Audiobookshelf.

Actual Behavior

ABS redirects to Pocket ID, which then reauthenticates me and logs me back into ABS.

It does work with Nextcloud oidc_client NC app (see logs below), so I'm not sure if the problem is Pocket ID or ABS (or my config).

Version and Environment

Docker version 27.5.1, build 9f9e405
Docker Compose version v2.32.4
Pocket ID version 0.33.0

Log Output

Here are logs showing:

  1. Open incognito window, log into Nextcloud instance with Pocket ID, log out of Nextcloud, get logged out of Pocket ID, then close incognito window.
  2. Open incognito window, log into ABS instance with Pocket ID, log out of ABS, get logged back into ABS.
pocket-id  | [GIN] 2025/02/14 - 23:56:57 | 200 |     261.967µs |             ::1 | GET      "/api/application-configuration"
pocket-id  | [GIN] 2025/02/14 - 23:56:57 | 200 |     280.448µs |             ::1 | GET      "/api/application-configuration"
pocket-id  | [GIN] 2025/02/14 - 23:57:11 | 401 |        79.5µs |             ::1 | GET      "/api/users/me"
pocket-id  | Error #01: You are not signed in
pocket-id  | [GIN] 2025/02/14 - 23:57:11 | 401 |     193.353µs |             ::1 | GET      "/api/users/me"
pocket-id  | Error #01: You are not signed in
pocket-id  | [GIN] 2025/02/14 - 23:57:11 | 200 |    5.744251ms |             ::1 | GET      "/api/oidc/clients/b0938249-18a7-4a6b-a29a-8a3d61df2da0"
pocket-id  | [GIN] 2025/02/14 - 23:57:11 | 200 |    5.781414ms |             ::1 | GET      "/api/oidc/clients/b0938249-18a7-4a6b-a29a-8a3d61df2da0"
pocket-id  | [GIN] 2025/02/14 - 23:57:11 | 200 |    1.085925ms |             ::1 | GET      "/api/application-configuration"
pocket-id  | [GIN] 2025/02/14 - 23:57:11 | 200 |    1.113459ms |             ::1 | GET      "/api/application-configuration"
pocket-id  | [GIN] 2025/02/14 - 23:57:12 | 200 |     104.211µs |     10.10.70.32 | GET      "/api/application-configuration/logo?light=true"
pocket-id  | [GIN] 2025/02/14 - 23:57:12 | 200 |     217.434µs |     10.10.70.32 | GET      "/api/application-configuration/logo?light=true"
pocket-id  | [GIN] 2025/02/14 - 23:57:12 | 200 |     359.341µs |     10.10.70.32 | GET      "/api/oidc/clients/b0938249-18a7-4a6b-a29a-8a3d61df2da0/logo"
pocket-id  | [GIN] 2025/02/14 - 23:57:12 | 200 |     473.469µs |     10.10.70.32 | GET      "/api/oidc/clients/b0938249-18a7-4a6b-a29a-8a3d61df2da0/logo"
pocket-id  | [GIN] 2025/02/14 - 23:57:12 | 200 |    5.043185ms |     10.10.70.32 | GET      "/api/application-configuration/background-image"
pocket-id  | [GIN] 2025/02/14 - 23:57:12 | 200 |     5.08217ms |     10.10.70.32 | GET      "/api/application-configuration/background-image"
pocket-id  | [GIN] 2025/02/14 - 23:57:12 | 200 |     132.649µs |     10.10.70.32 | GET      "/api/application-configuration/favicon"
pocket-id  | [GIN] 2025/02/14 - 23:57:12 | 200 |     155.336µs |     10.10.70.32 | GET      "/api/application-configuration/favicon"
pocket-id  | [GIN] 2025/02/14 - 23:57:14 | 200 |  317.787267ms |     10.10.70.32 | GET      "/api/webauthn/login/start"
pocket-id  | [GIN] 2025/02/14 - 23:57:14 | 200 |  317.807639ms |     10.10.70.32 | GET      "/api/webauthn/login/start"
pocket-id  | [GIN] 2025/02/14 - 23:57:18 | 200 |  197.309145ms |     10.10.70.32 | POST     "/api/webauthn/login/finish"
pocket-id  | [GIN] 2025/02/14 - 23:57:18 | 200 |  197.327446ms |     10.10.70.32 | POST     "/api/webauthn/login/finish"
pocket-id  | [GIN] 2025/02/14 - 23:57:18 | 200 |     573.516µs |     10.10.70.32 | POST     "/api/oidc/authorization-required"
pocket-id  | [GIN] 2025/02/14 - 23:57:18 | 200 |     597.953µs |     10.10.70.32 | POST     "/api/oidc/authorization-required"
pocket-id  | [GIN] 2025/02/14 - 23:57:18 | 200 |  443.101614ms |     10.10.70.32 | POST     "/api/oidc/authorize"
pocket-id  | [GIN] 2025/02/14 - 23:57:18 | 200 |  443.119052ms |     10.10.70.32 | POST     "/api/oidc/authorize"
pocket-id  | [GIN] 2025/02/14 - 23:57:19 | 200 |  246.400157ms |   172.27.29.254 | POST     "/api/oidc/token"
pocket-id  | [GIN] 2025/02/14 - 23:57:19 | 200 |  246.425988ms |   172.27.29.254 | POST     "/api/oidc/token"
pocket-id  | 2025/02/14 23:57:29 Error getting logout callback URL, the user has to confirm the logout manually: Token is invalid
pocket-id  | [GIN] 2025/02/14 - 23:57:29 | 302 |     133.377µs |     10.10.70.32 | GET      "/api/oidc/end-session?post_logout_redirect_uri=https://nextcloud.example.com/&client_id=b0938249-18a7-4a6b-a29a-8a3d61df2da0"
pocket-id  | [GIN] 2025/02/14 - 23:57:29 | 302 |     148.189µs |     10.10.70.32 | GET      "/api/oidc/end-session?post_logout_redirect_uri=https://nextcloud.example.com/&client_id=b0938249-18a7-4a6b-a29a-8a3d61df2da0"
pocket-id  | [GIN] 2025/02/14 - 23:57:29 | 200 |     433.612µs |             ::1 | GET      "/api/users/me"
pocket-id  | [GIN] 2025/02/14 - 23:57:29 | 200 |     448.374µs |             ::1 | GET      "/api/users/me"
pocket-id  | [GIN] 2025/02/14 - 23:57:29 | 200 |     316.374µs |             ::1 | GET      "/api/application-configuration"
pocket-id  | [GIN] 2025/02/14 - 23:57:29 | 200 |     334.933µs |             ::1 | GET      "/api/application-configuration"
pocket-id  | [GIN] 2025/02/14 - 23:57:31 | 204 |     126.216µs |     10.10.70.32 | POST     "/api/webauthn/logout"
pocket-id  | [GIN] 2025/02/14 - 23:57:31 | 204 |     144.421µs |     10.10.70.32 | POST     "/api/webauthn/logout"
pocket-id  | [GIN] 2025/02/14 - 23:57:36 | 401 |      44.814µs |             ::1 | GET      "/api/users/me"
pocket-id  | Error #01: You are not signed in
pocket-id  | [GIN] 2025/02/14 - 23:57:36 | 401 |      63.082µs |             ::1 | GET      "/api/users/me"
pocket-id  | Error #01: You are not signed in
pocket-id  | [GIN] 2025/02/14 - 23:57:36 | 200 |     412.196µs |             ::1 | GET      "/api/oidc/clients/00b63aba-f1c3-4779-858a-91ba5918d9e5"
pocket-id  | [GIN] 2025/02/14 - 23:57:36 | 200 |     426.291µs |             ::1 | GET      "/api/oidc/clients/00b63aba-f1c3-4779-858a-91ba5918d9e5"
pocket-id  | [GIN] 2025/02/14 - 23:57:36 | 200 |     240.903µs |             ::1 | GET      "/api/application-configuration"
pocket-id  | [GIN] 2025/02/14 - 23:57:36 | 200 |     258.983µs |             ::1 | GET      "/api/application-configuration"
pocket-id  | [GIN] 2025/02/14 - 23:57:36 | 200 |     348.144µs |     10.10.70.32 | GET      "/api/oidc/clients/00b63aba-f1c3-4779-858a-91ba5918d9e5/logo"
pocket-id  | [GIN] 2025/02/14 - 23:57:36 | 200 |     606.247µs |     10.10.70.32 | GET      "/api/oidc/clients/00b63aba-f1c3-4779-858a-91ba5918d9e5/logo"
pocket-id  | [GIN] 2025/02/14 - 23:57:36 | 200 |      64.069µs |     10.10.70.32 | GET      "/api/application-configuration/logo?light=true"
pocket-id  | [GIN] 2025/02/14 - 23:57:36 | 200 |     215.447µs |     10.10.70.32 | GET      "/api/application-configuration/logo?light=true"
pocket-id  | [GIN] 2025/02/14 - 23:57:36 | 200 |    5.152644ms |     10.10.70.32 | GET      "/api/application-configuration/background-image"
pocket-id  | [GIN] 2025/02/14 - 23:57:36 | 200 |    5.230622ms |     10.10.70.32 | GET      "/api/application-configuration/background-image"
pocket-id  | [GIN] 2025/02/14 - 23:57:37 | 200 |     258.756µs |     10.10.70.32 | GET      "/api/application-configuration/favicon"
pocket-id  | [GIN] 2025/02/14 - 23:57:37 | 200 |     293.192µs |     10.10.70.32 | GET      "/api/application-configuration/favicon"
pocket-id  | [GIN] 2025/02/14 - 23:57:38 | 200 |  126.174602ms |     10.10.70.32 | GET      "/api/webauthn/login/start"
pocket-id  | [GIN] 2025/02/14 - 23:57:38 | 200 |  126.201489ms |     10.10.70.32 | GET      "/api/webauthn/login/start"
pocket-id  | [GIN] 2025/02/14 - 23:57:40 | 200 |  135.478898ms |     10.10.70.32 | POST     "/api/webauthn/login/finish"
pocket-id  | [GIN] 2025/02/14 - 23:57:40 | 200 |  135.497652ms |     10.10.70.32 | POST     "/api/webauthn/login/finish"
pocket-id  | [GIN] 2025/02/14 - 23:57:40 | 200 |     507.735µs |     10.10.70.32 | POST     "/api/oidc/authorization-required"
pocket-id  | [GIN] 2025/02/14 - 23:57:40 | 200 |     541.357µs |     10.10.70.32 | POST     "/api/oidc/authorization-required"
pocket-id  | [GIN] 2025/02/14 - 23:57:41 | 200 |  265.616646ms |     10.10.70.32 | POST     "/api/oidc/authorize"
pocket-id  | [GIN] 2025/02/14 - 23:57:41 | 200 |  265.656246ms |     10.10.70.32 | POST     "/api/oidc/authorize"
pocket-id  | [GIN] 2025/02/14 - 23:57:42 | 200 |  292.744881ms |   172.27.29.254 | POST     "/api/oidc/token"
pocket-id  | [GIN] 2025/02/14 - 23:57:42 | 200 |   292.76841ms |   172.27.29.254 | POST     "/api/oidc/token"
pocket-id  | [GIN] 2025/02/14 - 23:57:42 | 200 |    1.220207ms |   172.27.29.254 | GET      "/api/oidc/userinfo"
pocket-id  | [GIN] 2025/02/14 - 23:57:42 | 200 |    1.247141ms |   172.27.29.254 | GET      "/api/oidc/userinfo"
pocket-id  | [GIN] 2025/02/14 - 23:57:45 | 200 |     449.785µs |             ::1 | GET      "/api/oidc/clients/00b63aba-f1c3-4779-858a-91ba5918d9e5"
pocket-id  | [GIN] 2025/02/14 - 23:57:45 | 200 |     481.743µs |             ::1 | GET      "/api/oidc/clients/00b63aba-f1c3-4779-858a-91ba5918d9e5"
pocket-id  | [GIN] 2025/02/14 - 23:57:45 | 200 |     792.117µs |             ::1 | GET      "/api/users/me"
pocket-id  | [GIN] 2025/02/14 - 23:57:45 | 200 |     819.632µs |             ::1 | GET      "/api/users/me"
pocket-id  | [GIN] 2025/02/14 - 23:57:45 | 200 |     412.127µs |             ::1 | GET      "/api/application-configuration"
pocket-id  | [GIN] 2025/02/14 - 23:57:45 | 200 |     452.714µs |             ::1 | GET      "/api/application-configuration"
pocket-id  | [GIN] 2025/02/14 - 23:57:45 | 200 |     376.812µs |     10.10.70.32 | POST     "/api/oidc/authorization-required"
pocket-id  | [GIN] 2025/02/14 - 23:57:45 | 200 |     403.019µs |     10.10.70.32 | POST     "/api/oidc/authorization-required"
pocket-id  | [GIN] 2025/02/14 - 23:57:46 | 200 |  254.647137ms |     10.10.70.32 | POST     "/api/oidc/authorize"
pocket-id  | [GIN] 2025/02/14 - 23:57:46 | 200 |  254.673647ms |     10.10.70.32 | POST     "/api/oidc/authorize"
pocket-id  | [GIN] 2025/02/14 - 23:57:47 | 200 |  295.148045ms |   172.27.29.254 | POST     "/api/oidc/token"
pocket-id  | [GIN] 2025/02/14 - 23:57:47 | 200 |  295.179605ms |   172.27.29.254 | POST     "/api/oidc/token"
pocket-id  | [GIN] 2025/02/14 - 23:57:47 | 200 |    1.350464ms |   172.27.29.254 | GET      "/api/oidc/userinfo"
pocket-id  | [GIN] 2025/02/14 - 23:57:47 | 200 |    1.376455ms |   172.27.29.254 | GET      "/api/oidc/userinfo"
Originally created by @EweSparky on GitHub. ### Reproduction steps I updated my Audiobookshelf instance with an OIDC logout URL of `https://id.example.com/api/oidc/end-session` in Settings > Authentication. ABS doesn't have its own logout callback URL, so I left that parameter blank in Pocket ID > OIDC Clients > Audiobookshelf configuration. I open an incognito tab, log into ABS with Pocket ID, get redirected back to ABS, click on my username and click on Logout. ### Expected behavior ABS redirects to Pocket ID and asks if I want to log out of Audiobookshelf. ### Actual Behavior ABS redirects to Pocket ID, which then reauthenticates me and logs me back into ABS. It does work with Nextcloud oidc_client NC app (see logs below), so I'm not sure if the problem is Pocket ID or ABS (or my config). ### Version and Environment Docker version 27.5.1, build 9f9e405 Docker Compose version v2.32.4 Pocket ID version 0.33.0 ### Log Output Here are logs showing: 1. Open incognito window, log into Nextcloud instance with Pocket ID, log out of Nextcloud, get logged out of Pocket ID, then close incognito window. 2. Open incognito window, log into ABS instance with Pocket ID, log out of ABS, get logged back into ABS. ```text pocket-id | [GIN] 2025/02/14 - 23:56:57 | 200 | 261.967µs | ::1 | GET "/api/application-configuration" pocket-id | [GIN] 2025/02/14 - 23:56:57 | 200 | 280.448µs | ::1 | GET "/api/application-configuration" pocket-id | [GIN] 2025/02/14 - 23:57:11 | 401 | 79.5µs | ::1 | GET "/api/users/me" pocket-id | Error #01: You are not signed in pocket-id | [GIN] 2025/02/14 - 23:57:11 | 401 | 193.353µs | ::1 | GET "/api/users/me" pocket-id | Error #01: You are not signed in pocket-id | [GIN] 2025/02/14 - 23:57:11 | 200 | 5.744251ms | ::1 | GET "/api/oidc/clients/b0938249-18a7-4a6b-a29a-8a3d61df2da0" pocket-id | [GIN] 2025/02/14 - 23:57:11 | 200 | 5.781414ms | ::1 | GET "/api/oidc/clients/b0938249-18a7-4a6b-a29a-8a3d61df2da0" pocket-id | [GIN] 2025/02/14 - 23:57:11 | 200 | 1.085925ms | ::1 | GET "/api/application-configuration" pocket-id | [GIN] 2025/02/14 - 23:57:11 | 200 | 1.113459ms | ::1 | GET "/api/application-configuration" pocket-id | [GIN] 2025/02/14 - 23:57:12 | 200 | 104.211µs | 10.10.70.32 | GET "/api/application-configuration/logo?light=true" pocket-id | [GIN] 2025/02/14 - 23:57:12 | 200 | 217.434µs | 10.10.70.32 | GET "/api/application-configuration/logo?light=true" pocket-id | [GIN] 2025/02/14 - 23:57:12 | 200 | 359.341µs | 10.10.70.32 | GET "/api/oidc/clients/b0938249-18a7-4a6b-a29a-8a3d61df2da0/logo" pocket-id | [GIN] 2025/02/14 - 23:57:12 | 200 | 473.469µs | 10.10.70.32 | GET "/api/oidc/clients/b0938249-18a7-4a6b-a29a-8a3d61df2da0/logo" pocket-id | [GIN] 2025/02/14 - 23:57:12 | 200 | 5.043185ms | 10.10.70.32 | GET "/api/application-configuration/background-image" pocket-id | [GIN] 2025/02/14 - 23:57:12 | 200 | 5.08217ms | 10.10.70.32 | GET "/api/application-configuration/background-image" pocket-id | [GIN] 2025/02/14 - 23:57:12 | 200 | 132.649µs | 10.10.70.32 | GET "/api/application-configuration/favicon" pocket-id | [GIN] 2025/02/14 - 23:57:12 | 200 | 155.336µs | 10.10.70.32 | GET "/api/application-configuration/favicon" pocket-id | [GIN] 2025/02/14 - 23:57:14 | 200 | 317.787267ms | 10.10.70.32 | GET "/api/webauthn/login/start" pocket-id | [GIN] 2025/02/14 - 23:57:14 | 200 | 317.807639ms | 10.10.70.32 | GET "/api/webauthn/login/start" pocket-id | [GIN] 2025/02/14 - 23:57:18 | 200 | 197.309145ms | 10.10.70.32 | POST "/api/webauthn/login/finish" pocket-id | [GIN] 2025/02/14 - 23:57:18 | 200 | 197.327446ms | 10.10.70.32 | POST "/api/webauthn/login/finish" pocket-id | [GIN] 2025/02/14 - 23:57:18 | 200 | 573.516µs | 10.10.70.32 | POST "/api/oidc/authorization-required" pocket-id | [GIN] 2025/02/14 - 23:57:18 | 200 | 597.953µs | 10.10.70.32 | POST "/api/oidc/authorization-required" pocket-id | [GIN] 2025/02/14 - 23:57:18 | 200 | 443.101614ms | 10.10.70.32 | POST "/api/oidc/authorize" pocket-id | [GIN] 2025/02/14 - 23:57:18 | 200 | 443.119052ms | 10.10.70.32 | POST "/api/oidc/authorize" pocket-id | [GIN] 2025/02/14 - 23:57:19 | 200 | 246.400157ms | 172.27.29.254 | POST "/api/oidc/token" pocket-id | [GIN] 2025/02/14 - 23:57:19 | 200 | 246.425988ms | 172.27.29.254 | POST "/api/oidc/token" pocket-id | 2025/02/14 23:57:29 Error getting logout callback URL, the user has to confirm the logout manually: Token is invalid pocket-id | [GIN] 2025/02/14 - 23:57:29 | 302 | 133.377µs | 10.10.70.32 | GET "/api/oidc/end-session?post_logout_redirect_uri=https://nextcloud.example.com/&client_id=b0938249-18a7-4a6b-a29a-8a3d61df2da0" pocket-id | [GIN] 2025/02/14 - 23:57:29 | 302 | 148.189µs | 10.10.70.32 | GET "/api/oidc/end-session?post_logout_redirect_uri=https://nextcloud.example.com/&client_id=b0938249-18a7-4a6b-a29a-8a3d61df2da0" pocket-id | [GIN] 2025/02/14 - 23:57:29 | 200 | 433.612µs | ::1 | GET "/api/users/me" pocket-id | [GIN] 2025/02/14 - 23:57:29 | 200 | 448.374µs | ::1 | GET "/api/users/me" pocket-id | [GIN] 2025/02/14 - 23:57:29 | 200 | 316.374µs | ::1 | GET "/api/application-configuration" pocket-id | [GIN] 2025/02/14 - 23:57:29 | 200 | 334.933µs | ::1 | GET "/api/application-configuration" pocket-id | [GIN] 2025/02/14 - 23:57:31 | 204 | 126.216µs | 10.10.70.32 | POST "/api/webauthn/logout" pocket-id | [GIN] 2025/02/14 - 23:57:31 | 204 | 144.421µs | 10.10.70.32 | POST "/api/webauthn/logout" pocket-id | [GIN] 2025/02/14 - 23:57:36 | 401 | 44.814µs | ::1 | GET "/api/users/me" pocket-id | Error #01: You are not signed in pocket-id | [GIN] 2025/02/14 - 23:57:36 | 401 | 63.082µs | ::1 | GET "/api/users/me" pocket-id | Error #01: You are not signed in pocket-id | [GIN] 2025/02/14 - 23:57:36 | 200 | 412.196µs | ::1 | GET "/api/oidc/clients/00b63aba-f1c3-4779-858a-91ba5918d9e5" pocket-id | [GIN] 2025/02/14 - 23:57:36 | 200 | 426.291µs | ::1 | GET "/api/oidc/clients/00b63aba-f1c3-4779-858a-91ba5918d9e5" pocket-id | [GIN] 2025/02/14 - 23:57:36 | 200 | 240.903µs | ::1 | GET "/api/application-configuration" pocket-id | [GIN] 2025/02/14 - 23:57:36 | 200 | 258.983µs | ::1 | GET "/api/application-configuration" pocket-id | [GIN] 2025/02/14 - 23:57:36 | 200 | 348.144µs | 10.10.70.32 | GET "/api/oidc/clients/00b63aba-f1c3-4779-858a-91ba5918d9e5/logo" pocket-id | [GIN] 2025/02/14 - 23:57:36 | 200 | 606.247µs | 10.10.70.32 | GET "/api/oidc/clients/00b63aba-f1c3-4779-858a-91ba5918d9e5/logo" pocket-id | [GIN] 2025/02/14 - 23:57:36 | 200 | 64.069µs | 10.10.70.32 | GET "/api/application-configuration/logo?light=true" pocket-id | [GIN] 2025/02/14 - 23:57:36 | 200 | 215.447µs | 10.10.70.32 | GET "/api/application-configuration/logo?light=true" pocket-id | [GIN] 2025/02/14 - 23:57:36 | 200 | 5.152644ms | 10.10.70.32 | GET "/api/application-configuration/background-image" pocket-id | [GIN] 2025/02/14 - 23:57:36 | 200 | 5.230622ms | 10.10.70.32 | GET "/api/application-configuration/background-image" pocket-id | [GIN] 2025/02/14 - 23:57:37 | 200 | 258.756µs | 10.10.70.32 | GET "/api/application-configuration/favicon" pocket-id | [GIN] 2025/02/14 - 23:57:37 | 200 | 293.192µs | 10.10.70.32 | GET "/api/application-configuration/favicon" pocket-id | [GIN] 2025/02/14 - 23:57:38 | 200 | 126.174602ms | 10.10.70.32 | GET "/api/webauthn/login/start" pocket-id | [GIN] 2025/02/14 - 23:57:38 | 200 | 126.201489ms | 10.10.70.32 | GET "/api/webauthn/login/start" pocket-id | [GIN] 2025/02/14 - 23:57:40 | 200 | 135.478898ms | 10.10.70.32 | POST "/api/webauthn/login/finish" pocket-id | [GIN] 2025/02/14 - 23:57:40 | 200 | 135.497652ms | 10.10.70.32 | POST "/api/webauthn/login/finish" pocket-id | [GIN] 2025/02/14 - 23:57:40 | 200 | 507.735µs | 10.10.70.32 | POST "/api/oidc/authorization-required" pocket-id | [GIN] 2025/02/14 - 23:57:40 | 200 | 541.357µs | 10.10.70.32 | POST "/api/oidc/authorization-required" pocket-id | [GIN] 2025/02/14 - 23:57:41 | 200 | 265.616646ms | 10.10.70.32 | POST "/api/oidc/authorize" pocket-id | [GIN] 2025/02/14 - 23:57:41 | 200 | 265.656246ms | 10.10.70.32 | POST "/api/oidc/authorize" pocket-id | [GIN] 2025/02/14 - 23:57:42 | 200 | 292.744881ms | 172.27.29.254 | POST "/api/oidc/token" pocket-id | [GIN] 2025/02/14 - 23:57:42 | 200 | 292.76841ms | 172.27.29.254 | POST "/api/oidc/token" pocket-id | [GIN] 2025/02/14 - 23:57:42 | 200 | 1.220207ms | 172.27.29.254 | GET "/api/oidc/userinfo" pocket-id | [GIN] 2025/02/14 - 23:57:42 | 200 | 1.247141ms | 172.27.29.254 | GET "/api/oidc/userinfo" pocket-id | [GIN] 2025/02/14 - 23:57:45 | 200 | 449.785µs | ::1 | GET "/api/oidc/clients/00b63aba-f1c3-4779-858a-91ba5918d9e5" pocket-id | [GIN] 2025/02/14 - 23:57:45 | 200 | 481.743µs | ::1 | GET "/api/oidc/clients/00b63aba-f1c3-4779-858a-91ba5918d9e5" pocket-id | [GIN] 2025/02/14 - 23:57:45 | 200 | 792.117µs | ::1 | GET "/api/users/me" pocket-id | [GIN] 2025/02/14 - 23:57:45 | 200 | 819.632µs | ::1 | GET "/api/users/me" pocket-id | [GIN] 2025/02/14 - 23:57:45 | 200 | 412.127µs | ::1 | GET "/api/application-configuration" pocket-id | [GIN] 2025/02/14 - 23:57:45 | 200 | 452.714µs | ::1 | GET "/api/application-configuration" pocket-id | [GIN] 2025/02/14 - 23:57:45 | 200 | 376.812µs | 10.10.70.32 | POST "/api/oidc/authorization-required" pocket-id | [GIN] 2025/02/14 - 23:57:45 | 200 | 403.019µs | 10.10.70.32 | POST "/api/oidc/authorization-required" pocket-id | [GIN] 2025/02/14 - 23:57:46 | 200 | 254.647137ms | 10.10.70.32 | POST "/api/oidc/authorize" pocket-id | [GIN] 2025/02/14 - 23:57:46 | 200 | 254.673647ms | 10.10.70.32 | POST "/api/oidc/authorize" pocket-id | [GIN] 2025/02/14 - 23:57:47 | 200 | 295.148045ms | 172.27.29.254 | POST "/api/oidc/token" pocket-id | [GIN] 2025/02/14 - 23:57:47 | 200 | 295.179605ms | 172.27.29.254 | POST "/api/oidc/token" pocket-id | [GIN] 2025/02/14 - 23:57:47 | 200 | 1.350464ms | 172.27.29.254 | GET "/api/oidc/userinfo" pocket-id | [GIN] 2025/02/14 - 23:57:47 | 200 | 1.376455ms | 172.27.29.254 | GET "/api/oidc/userinfo" ```
OVERLORD added the bug label 2025-10-09 16:41:50 +03:00
OVERLORD commented 2025-10-09 16:41:55 +03:00
Author
Owner
Copy Link

@stonith404 commented on GitHub:

It seems like Audiobookshelf doesn't call the end session endpoint.

Make sure that "Logout URL" is set to "https://your-pocket-id-domain/api/oidc/end-session" in Audiobookshelf. Additionally try to restart the Audiobookshelf container because when I tried it, it only worked after I restarted the container.

@stonith404 commented on GitHub: It seems like Audiobookshelf doesn't call the end session endpoint. Make sure that "Logout URL" is set to "https://your-pocket-id-domain/api/oidc/end-session" in Audiobookshelf. Additionally try to restart the Audiobookshelf container because when I tried it, it only worked after I restarted the container.
OVERLORD commented 2025-10-09 16:41:56 +03:00
Author
Owner
Copy Link

@EweSparky commented on GitHub:

It seems like Audiobookshelf doesn't call the end session endpoint.

Make sure that "Logout URL" is set to "https://your-pocket-id-domain/api/oidc/end-session" in Audiobookshelf. Additionally try to restart the Audiobookshelf container because when I tried it, it only worked after I restarted the container.

Restarting fixed it; I already had the session endpoint configured in ABS. I didn't have to recreate the container when I added the end session endpoint to Nextcloud, so maybe ABS had cached something.

Thanks.

@EweSparky commented on GitHub: > It seems like Audiobookshelf doesn't call the end session endpoint. > > Make sure that "Logout URL" is set to "https://your-pocket-id-domain/api/oidc/end-session" in Audiobookshelf. Additionally try to restart the Audiobookshelf container because when I tried it, it only worked after I restarted the container. Restarting fixed it; I already had the session endpoint configured in ABS. I didn't have to recreate the container when I added the end session endpoint to Nextcloud, so maybe ABS had cached something. Thanks.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
breaking
bug
documentation
feature
needs more upvotes
open to pull requests
pull-request
Mirrored from GitHub Pull Request
No Label bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
OVERLORD
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/pocket-id-pocket-id-2#360
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?