Add OIDC end session endpoint and custom query params

[shawnhankim]

As a Product Manager,

I want to integrate with IdP's end session endpoint to terminate the user session on the IdP's side as the current NJS implementation clear the token itself, and the IdP's authenticated session still exists at the IdP. In addition to that I want to support the logout using the customizable variable regardless of different query parameters from each IdP.

AC:

• Add a map variable of $oidc_end_session_endpoint as same as authorization and token endpoints in the openid_connect_configuration.conf.

• Add a map variable of $oidc_logout_landing_page to determine where to redirect browser after successful logout from the IdP.

• Add a map variable of $oidc_end_session_query_params to support different query parameters per each IdP.

• Enhanc /logout location:

  • Add query parameters using $oidc_end_session_query_params for the $oidc_end_session_endpoint.
  • NGINX Plus: cleared tokens.
  • Redirected to the $oidc_end_session_endpoint to start ending session in the IdP.

• Enhanc /_logout location:

  • Redirected by IdP when IdP successfully finished the session.
  • Clean cookies
  • NGINX Plus: Redirect to the $oidc_logout_landing_page.