search

ibm-cloud-docs / appid

IBM Cloud App ID documentation
https://cloud.ibm.com/docs/services/appid?topic=appid-gettingstarted#gettingstarted
6 stars 24 forks source link

Incorrect Node.js example code for SSO logout (webAppStrategy.logoutSSO) #362

Closed ebaek closed 4 years ago

ebaek commented 4 years ago

https://cloud.ibm.com/docs/services/appid?topic=appid-cd-sso#cd-sso-log-out

Under the "By Using the Node.js Server SDK" header, the docs read as follows: app.get('/logoutSSO', (req, res) => { res.clearCookie("refreshToken"); webAppStrategy.logoutSSO(req,res, { "redirect_uri": "https://my-app.com/after_logout" }); });

  1. webAppStrategy should be capitalized (WebAppStrategy)
  2. I get an error that states WebAppStrategy.logoutSSO() isn't a function
smguilia commented 4 years ago

Hi @ebaek,

Thank you for opening an issue. I will update the capitalization and I've forwarded your question about logout to a developer on the team. Either myself or they will reach out with an answer as soon as we can.

Please don't hesitate to open more issues or provide general feedback in the future as you work with the service so that we can continue to improve the experience.

TalAviel commented 4 years ago

Hey @smguilia @ebaek ,

Actually it should not be capitalized. The way it's written is the correct way to call the logout function, it's a method of an instance of WebAppStrategy, in all of our samples we refer to that by webAppStrategy. @ebaek What error did you get? https://github.com/ibm-cloud-security/appid-serversdk-nodejs/blob/master/lib/strategies/webapp-strategy.js#L554

ebaek commented 4 years ago

Hi @TalAviel @smguilia,

Thanks for getting back to me! In the Node.js documentation under quick start guide (https://cloud.ibm.com/docs/services/appid?topic=appid-web-node) and the Web apps guide under securing your Apps (https://cloud.ibm.com/docs/services/appid?topic=appid-web-apps), the instance of WebAppStrategy is referred to as const WebAppStrategy = require("ibmcloud-appid").WebAppStrategy;- perhaps for clarity all the samples should be consistent?

This is the error I get when I invoke WebAppStrategy.logoutSSO(). SSO is enabled on the App ID service and while WebAppStrategy.logout() works, WebAppStrategy.logoutSSO() does not.

Screen Shot 2020-03-16 at 12 04 56 PM
TalAviel commented 4 years ago

Hey @ebaek , we'll update the docs to make it more clear, thanks.

In the code snippet you shared, WebAppStrategy is the class. The logoutSSO is a method as you can see in the GitHub repository I shared with you. Meaning, you have to create an instance of WebAppStrategy in order to call that method. Like -

let webAppStrategy = new WebAppStrategy(.....);
....
webAppStrategy.logoutSSO();

Thanks,

ebaek commented 4 years ago

@TalAviel Ah gotcha- thanks so much!