OpenID Connect RP Initiated Logout#693
Conversation
|
This could be potentially solve my issue. I am currious how do you reproduce second step "Logout passing the idToken and a redirect url", do you provide redirect url from the setup on server side, or is it something else? Thanks in advance! Also logout method is throwing me and undefined exception: [TypeError: undefined is not a function (near '...(0, _reactNativeAppAuth.logout)...')] while revoke method is working with similar config |
The post logout redirect url must be provided as a parameter in the
Could you provide the full error and more details on the device? |
|
I tried it again this morning, and I guess I made some mistakes in my setup. It works! But the only thing is that this native Webview still appears, on both platforms for me, but I guess that's something outside of our power. So far so good, than you very much for this solution! |
|
I'm not sure if it is possible to avoid opening SFSafariViewController/ASWebAuthenticationSession/Custom Tabs when logging out. |
|
This PR has quite an important functionality of the lib which is missing from the main code. It would be worth getting this merge into main? I am sorry but the |
Can you be more specific? What issues did you encounter? |
|
@activebiz @kadikraman - Can you please elaborate on what is blocking this PR from being merged? We also need this functionality. Thank you! fyi - @gispada |
kadikraman
left a comment
There was a problem hiding this comment.
Thanks so much for tackling this feature @gispada - looks good to me!
Fixes #621 #68
Description
This pull request adds the OIDC RP initiated logout (link to the specification). Now it should be possible to properly logout a user, avoiding the automatic login after a simple token revocation.
The feature has already been developed on the native AppAuth libraries, for Android and iOS. I added the missing invocations of the appropriate methods.
Note: on iOS the system alert before logging out still appears. I guess it's something related to
ASWebAuthenticationSession.Steps to verify
scopes: ['openid']) and get an idToken;