OAuth2 end session throwing error when no session

[varvay]

Expected Behavior

Following a resolved GitHub issue #169 , similar issue still occurred in OAuth2 implementation. I'm guessing that the /oauth/logout endpoint also suppose to be idempotent.

Actual Behaviour

Error thrown upon /oauth/logout API execution,

{
	"_links": {
		"self": [
			{
				"href": "/oauth/logout",
				"templated": false
			}
		]
	},
	"_embedded": {
		"errors": [
			{
				"message": "Required argument [Authentication authentication] not specified",
				"path": "/authentication"
			}
		]
	},
	"message": "Bad Request"
}

Steps To Reproduce

In my use case, the web app hosted separately from the back-end Micronaut app. The back-end should exposes oauth/login and oauth/logout to the web app and integrated to AWS Cognito to perform these activities which orchestrated by Micronaut Security OAuth2 implementation.

Here's a snippet of the application properties,

micronaut:
  security:
    authentication: idtoken
    oauth2:
      clients:
        cognito:
          client-id: <AWS Cognito client ID>
          client-secret: <AWS Cognito client secret>
          grant-type: authorization_code
          scopes: <Scopes>
          openid:
            issuer: <AWS Cognito>

Environment Information

No response

Example Application

No response

Version

4.5.1