Forum Discussion
sricharan61
Cirrus
Got it, i think actual issue i wanted to address is when in 1) we dont know what the URI path is as well.. except for the fact that it contains logout-apm?
we dont know before hand what the pos_logout_redirect_uri exactly has as its value... like for now we do know /includes/logged_out.aspx is what the post_logout parameter in 1) is going to be so we are able to define it in the redirect URI directly. We want to be able to be in a position where F5 can actually learn that in real time as well and use it to populate part of the uri section in 2)
Dec 10, 2019
Can you try this?
when HTTP_REQUEST {
if { [HTTP::uri] starts_with "/logout-apm" } {
if { [HTTP::uri] contains "post_logout_redirect_uri" } {
set postLogoutValue [URI::query [HTTP::uri] post_logout_redirect_uri]
# log local0. "Logout Value: $postLogoutValue - Redirect Uri: https://login.microsoftonline.com/common/oauth2/v2.0/logout?post_logout_redirect_uri=https://[HTTP::host]$postLogoutValue"
HTTP::redirect "https://login.microsoftonline.com/common/oauth2/v2.0/logout?post_logout_redirect_uri=https://[HTTP::host]$postLogoutValue"
}
else {
# log local0. "logout uri not contains post_logout_redirect_uri parameter"
}
}
}