Open pgangwani opened 4 months ago
Hi @pgangwani ,
Thank you for your issue. I think it is due to the window.open. i have understand what to fix. I may do it tommorrow morning.
Hi @pgangwani ,
Thank you for your issue. I think it is due to the window.open. i have understand what to fix. I may do it tommorrow morning.
Thanks, I willl be waiting
I forgot to tell you @pgangwani that version 7.18.3 should fix the bug :)
I forgot to tell you @pgangwani that version 7.18.3 should fix the bug :)
I will give it a test
@guillaume-chervet I tested above, it is redirecting to the post_redirect_uri after logout but not to the oidc server logout page as it is happening in https://black-rock-0dc6b0d03.1.azurestaticapps.net/. Is there a setting in oidc to goto loggedout page ? I actually wanted endSession to be called and then await to be resolved so that I can manually redirect to logout of the oidc server. Thoughts?
hi @pgangwani , does you oidc server support endSessionEndpoint ?
hi @pgangwani , does you oidc server support endSessionEndpoint ?
Yes it does.
I need to understand what is the extra setting required at OIDC server level ? How is your example app using duende redirecitng to duende's logout with just mention of post_redirect_uri: '/profile' ?
Hi @pgangwani , some extra are defined as oidc standards and some other are specific to some oidc provider.
Do you still have some problem with logout?
provider
My problem was solved by my own hack of await logout();redirect(logoutUrl) but organically logging out like in your example. For which I raised this issue.
Hi, I am as well facing this issue in v7.22.8.
I have the oidcServerConfiguration.endSessionEndpoint
configured. I could see the end-session endpoint in Network tab. However, before it could finish, it is immediately calling auth endpoint. As the result, the end-session endpoint is cancelled.
I tried to debug locally by adding some logs:
It seems like the window.location.href
is called twice, end-session and auth endpoints.
Can you take a look at this issue?
Hi @pgangwani which browsers are you using?
I think I am staring to understand to issue. To understand well you run log out from a secured part of your app which automaticaly rerun a login ?
Hi @guillaume-chervet, I am using Chrome v126.0.6478.116
Yes, I called the logout
method from useOidc
hook in the secured part of my app. It redirected to the end-session endpoint. Before it could finish, it redirects to auth endpoint endpoint, hence end-sesion redirection is cancelled.
@suwarnoong @guillaume-chervet any help is required from me ? I still see this as an issue.
I think I am staring to understand to issue. To understand well you run log out from a secured part of your app which automaticaly rerun a login ?
@pgangwani yes, it is still an issue for me as well on latest (v7.22.9).
Could you share your own-hack for this?
Issue and Steps to Reproduce
In logout we have below steps
As 4 or 5 are exclusive steps , I am expecting async logout to await till all promises resolve including endSession. I am thinking to get below case worked
Currently what is happening that if I am writing the window.location.href after await of logout, endSession request is cancelled. I need to redirect to logout to kill the session fully as per our oidc server. Attached below screenshot
Versions
7.18.1
Screenshots
Expected
Await(revoke(AT), revoke(RT), endSession(idToken)).then (() => custom redirect);
Actual
Await(revoke(AT), revoke(RT)).then (() => custom redirect); and endSession(idToken) is cancelled
Additional Details
PLease let me know if I am missing something