Using browser
Everything works fine if I log in and log out using the browser,
e.g. I log in using the Keycloak form and I log out by pasting the following in the browser:
    {}/oauth/logout?redirect={}/auth/realms/{}/protocol/openid-connect/logout
When I check the Keycloak admin page, the session is removed as expected.
Using Python requests sessions
I log in using the following:
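    # Log in through gatekeeper with username and password.
    # verify=False disables TLS certificate verification.
    r = self.session.post(
        "{}/oauth/login".format(self.host),
        data={"username": username, "password": password},
        verify=False
    )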
This works, and when I try to access any endpoints I am able to after login.
I log out using the following:
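    # Gatekeeper logout, redirecting to the Keycloak realm logout endpoint.
    url = "{}/oauth/logout?redirect={}/auth/realms/{}/protocol/openid-connect/logout".format(
        self.host,
        self.host,
        self.realm_name
    )
    # Follow the redirect chain with the same session (and its cookie jar).
    r = self.session.get(
        url,
        allow_redirects=True,
        verify=False,
    )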
This logs me out of gatekeeper and clears the cookies (I can't access any endpoints, which is correct); however, in the Keycloak admin page I still see my session active.
The cookies should have been kept in the session. Does anyone know why? Thanks.
Edit:
I think it's because when I log in through gatekeeper using the endpoint
    /oauth/login
it does not return these 3 cookies which I get when I use the browser:
    AUTH_SESSION
    KEYCLOAK_IDENTITY
    KEYCLOAK_SESSION
These 3 cookies come from the endpoint
    https://{}/auth/realms/{}/protocol/openid-connect/token
However, since I don't log in through the form, I don't have these tokens.
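
A diagnostic for the hypothesis in the edit above, as an added example that is not part of the original post: it reports which of the three listed cookies a cookie jar would actually attach to a request for the Keycloak logout URL. The host, realm, cookie values, the proxy cookie name `kc-access` and the cookie paths are assumptions made for the illustration.

```python
import urllib.request
from http.cookiejar import Cookie, CookieJar

# Cookie names the post lists as present only after a browser form login.
SSO_COOKIES = {"AUTH_SESSION", "KEYCLOAK_IDENTITY", "KEYCLOAK_SESSION"}
HOST = "sso.example.test"   # constructed host
REALM = "demo"              # constructed realm name
LOGOUT_URL = f"https://{HOST}/auth/realms/{REALM}/protocol/openid-connect/logout"


def make_cookie(name, path):
    """Build a host-only, secure session cookie with a constructed value."""
    return Cookie(
        version=0, name=name, value="constructed", port=None,
        port_specified=False, domain=HOST, domain_specified=False,
        domain_initial_dot=False, path=path, path_specified=True,
        secure=True, expires=None, discard=True, comment=None,
        comment_url=None, rest={},
    )


def build_jar(browser_login):
    """Jar after a scripted login (False) or a browser form login (True)."""
    jar = CookieJar()
    # Assumption: the proxy's own session cookie is named kc-access, path "/".
    jar.set_cookie(make_cookie("kc-access", "/"))
    if browser_login:
        # Assumption: Keycloak scopes its SSO cookies to the realm path.
        for name in sorted(SSO_COOKIES):
            jar.set_cookie(make_cookie(name, f"/auth/realms/{REALM}/"))
    return jar


def cookies_sent_to(jar, url):
    """Names of the cookies the jar would attach to a request for url."""
    req = urllib.request.Request(url)
    jar.add_cookie_header(req)  # applies domain, path and Secure matching
    header = req.get_header("Cookie", "")
    return {p.split("=", 1)[0].strip() for p in header.split(";") if p.strip()}


def missing_sso_cookies(jar, logout_url=LOGOUT_URL):
    """SSO cookies from the post that would not reach the logout URL."""
    return SSO_COOKIES - cookies_sent_to(jar, logout_url)


if __name__ == "__main__":
    print("scripted login, missing:", sorted(missing_sso_cookies(build_jar(False))))
    print("browser login, missing: ", sorted(missing_sso_cookies(build_jar(True))))
```

The `cookies` attribute of a `requests.Session` is a `CookieJar` subclass, so `cookies_sent_to(self.session.cookies, url)` can be run against the live session right after login.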