Based on the specification at https://openid.net/specs/openid-connect-rpinitiated-1_0.html
When logging out, this feature will redirect the user to the end_session_url from the discovery document. Their most recent id token will be included in the `id_token_hint` parameter.
To use this, the identity provider must include an end_session_url in the discovery document, and the openid_connect_rp_initiated_logout site setting must be enabled.
Previously an error loading the discovery document would raise an exception. Now, it will display an error to the user, and log the error for site admins to view at `/logs`. Specs are updated and improved accordingly.
This moves the discovery document fetching out of OmniAuth and into Discourse. This makes it available for the upcoming rp-initiated-logout support.
This makes use of Faraday middleware to log precise details about all requests made by the OAuth2 gem. This should make it easier to debug configuration issues
David Taylor
Guo Xiang Tan