[Web] Fix oAuth logout after authentication (if enabled)

2020-05-04 21:51:42 +02:00 · 2020-05-04 21:51:42 +02:00 · 565feada7e
parent caff918b69
commit 565feada7e
2 changed files with 4 additions and 8 deletions
--- a/data/web/oauth/authorize.php
+++ b/data/web/oauth/authorize.php
@ -60,6 +60,10 @@ $is_authorized = ($_POST['authorized'] == '1');
 $oauth2_server->handleAuthorizeRequest($request, $response, $is_authorized, $_SESSION['mailcow_cc_username']);
 if ($is_authorized) {
  unset($_SESSION['oauth2_request']);
+  if ($GLOBALS['OAUTH2_FORGET_SESSION_AFTER_LOGIN'] === true) {
+    session_unset();
+    session_destroy();
+  }
  header('Location: ' . $response->getHttpHeader('Location'));
  exit;
 }
--- a/data/web/oauth/profile.php
+++ b/data/web/oauth/profile.php
@ -22,16 +22,8 @@ if (!empty($mailbox)) {
      'modified' => (!empty($mailbox['modified']) ? $mailbox['modified'] : ''),
      'active' => (!empty($mailbox['active']) ? $mailbox['active'] : ''),
    ));
-    if ($GLOBALS['OAUTH2_FORGET_SESSION_AFTER_LOGIN'] === true) {
-      session_unset();
-      session_destroy();
-    }
    exit;
  }
-  if ($GLOBALS['OAUTH2_FORGET_SESSION_AFTER_LOGIN'] === true) {
-    session_unset();
-    session_destroy();
-  }
 }
 echo json_encode(array(
  'success' => false