signOut callbackUrl should support an external url

[tjhiggins]

Describe the feature

The current logic only supports internal routing after signOut.

My use case:

await signOut({ callbackUrl: 'https://tenant.auth0.com/oidc/logout?id_token_hint=blah&post_logout_redirect_uri=blah' })

Code to alter: https://github.com/Hebilicious/authjs-nuxt/blob/3c5928aecaf02779b71341a10567260d5c11e772/packages/authjs-nuxt/src/runtime/lib/client.ts#L136

Easy workaround is to copy the signOut method and change the useRouter line to the following:

await navigateTo(url, { external: true });

Additional information

• [ ] Would you be willing to help implement this feature?

[Hebilicious]

Hi @tjhiggins, afaik useRouter().push works with external URLs already, so this change wouldn't change anything. However, it's possible that the callback url is not being applied properly because of this :

https://github.com/Hebilicious/authjs-nuxt/blob/3c5928aecaf02779b71341a10567260d5c11e772/packages/authjs-nuxt/src/runtime/lib/client.ts#L134

Could you confirm that this is what you'd expect?

It would be very helpful if you could provide a minimal reproduction.

[tjhiggins]

@Hebilicious thanks for the quick reply!

The current code is only using the path of the url for the router push: path: new URL(url).pathname

So my callback is currently /oidc/logout without the correct external host or query params.

[Hebilicious]

Got it. This should be a pretty straightforward change then.

[mrleblanc101]

Yes, this is an issue for Keycloak since clicking "signOut" only sign you out of the application, and not from the SSO. So the next time you click "signIn", you are automatically logged back, without having to input your username/password.

[PeterPilley]

Hi is this resolved? I have the same issue as @mrleblanc101