Closed satyajitvure91 closed 2 years ago
Please have a look at our sign out documentation. https://github.com/okta/okta-oidc-android#sign-out
You need to use the signOutOfOkta
method in order to sign the user out from the browser too.
Thank you @JayNewstrom I have updated the logout call
override fun logout() {
if (webAuthClient.sessionClient.isAuthenticated) {
activity?.let {
webAuthClient.signOutOfOkta(it)
}
}
}
And in the callback, I am clearing the sessionClient too
private fun registerWebAuthCallback() {
webAuthClient.registerCallback(
object : ResultCallback<AuthorizationStatus?, AuthorizationException?> {
override fun onSuccess(status: AuthorizationStatus) {
if (status == AuthorizationStatus.AUTHORIZED) {
Log.d("LSV", "onSuccess: LoggedIn")
} else if (status == AuthorizationStatus.SIGNED_OUT) {
Log.d("LSV", "Signed out")
webAuthClient.sessionClient.clear()
}
}
override fun onCancel() {
// authorization canceled
Log.d("Cancelled", "cancelled")
}
override fun onError(msg: String?, exception: AuthorizationException?) {
Log.e("Error", msg.toString())
}
},
activity
)
}
And I am calling registerWebAuthCallback()
in onViewCreated()
. I can see in logcat that "Signed out" message is printed and I also made a check to see if tokens are empty before calling the webAuthClient.signIn() method. But for some reason in the browser, I see that previous session still persists.
Can you recreate this in our sample applications? We're not seeing this behavior there.
I tried the sample app with our organization's configuration and I still see the same issue. I sign out and clear data and I try to sign in but the same thing happened on the sample app as well.
@satyajitvure91 could you try creating a new dev org and trying with another basic configuration?
I actually did try that with my own sample dev configuration and it is working as intended. Is it something to do with our organization's setup?
Does your endSessionRedirectUri
match what's in the admin console?
Does your discoveryUri
match what's in the console?
I'm trying to signOut of Okta and was able to do that successfully using webAuthClient.SignOut and the onSuccess callback was triggered. But when I try to signIn again the browser returns the previous session. am I missing anything here?
This is what I'm doing on clicking logout
Now when I go back to sign in page and click login, the browser opens and redirects to the app with the previous session.