search

asgardeo / asgardeo-auth-react-sdk

To maintain the implementation of Asgardeo React authentication SDK
Apache License 2.0
40 stars 91 forks source link

Trailing `/` on `signOutRedirectURL` breaks the application #150

Closed SkNuwanTissera closed 9 months ago

SkNuwanTissera commented 2 years ago

Describe the issue:

I configured Asgardeo IDP to a react application. I wanted to redirect back to http://localhost:3000 after the user logs out. I mistakenly put http://localhost:3000/ as the signOutRedirectURL and it results in a page like below when the user logs out.

Screenshot 2022-11-15 at 22 35 13

When I remove the /, it worked fine. But ideally (IMO) this shouldn't be validated.

How to reproduce:

Expected behavior:

Environment information (Please complete the following information; remove any unnecessary fields) :

Optional Fields

Related issues:

Suggested labels:

pavinduLakshan commented 9 months ago

Hi Nuwan,

The redirect URI specified in the authentication flow should be exactly similar to the redirect URI/s registered in the Asgardeo application, for security reasons. Hence this behaviour is expected.