Keycloak 18 - Parameter redirect_uri while logout

react-keycloak / react-native-keycloak

React Native components for Keycloak

MIT License

171 stars 48 forks source link

Keycloak 18 - Parameter redirect_uri while logout #84

Open Deejayfool opened 2 years ago

Deejayfool commented 2 years ago

Describe the bug

Since Keycloak 18, parameter "redirect_uri" is not supported anymore when logging out as explained here : https://www.keycloak.org/2022/04/keycloak-1800-released#_openid_connect_logout So now, when we use react-native-keycloak, we get the error "Invalid parameter: redirect_uri" when logging out.

Version to reproduce the bug

Keycloak Server : 18.0.0
Packages npm :
- react-native-keycloak : 0.6.0
- keycloak-js : 18.0.0

sundayglee commented 2 years ago

Any feedback on how to solve this?

jonathanforking commented 2 years ago

I used this as a workaround for the issue in the meantime

InAppBrowser.open(
  keycloak
    .createLogoutUrl()
    .replace("redirect_uri", "post_logout_redirect_uri") +
  `&id_token_hint=${keycloak.idToken}`
).then(res => keycloak.clearToken())

4ND3R50N commented 2 years ago

Just wanted to bump this up! Would be awesome to get a working logout for Keycloak > v18 with this component

Keep up the good work!

IronTony commented 2 years ago

Hi @4ND3R50N, at the moment due also the real life job we are a little bit busy and React-Native-Keycloak was completely written by ourself from scratch, so first of all we have to check the Keycloak 18 code and plan to rewrite again, that at the moment is not possible.

As you know we created this package without any support or request to users, so obviously we consider to rewrite based on K18, but when we have time from our real life job (that pays the rents)

detinho commented 1 year ago

Would a PR to make the redirect_uri optional and adding two more options (post_logout_redirect_uri and id_token_hint) to the logout options do the job?

I see here that redirect_uri is always set. If we make them optional we can allow client applications to decide which strategy to use.

kosbog commented 1 year ago

Faced with the same error.

nemanjarocks commented 1 year ago

Have the same problem

atrofimenko commented 1 month ago

I used this as a workaround for the issue in the meantime

InAppBrowser.open(
  keycloak
    .createLogoutUrl()
    .replace("redirect_uri", "post_logout_redirect_uri") +
  `&id_token_hint=${keycloak.idToken}`
).then(res => keycloak.clearToken())

Hello @jonathanforking, tried your solution, but when I'm opening browser with this url i can see just an empty page. M.B. you have any thoughts here?

jonathanforking commented 1 month ago

@atrofimenko I ended up using another OAuth library back then (react-native-app-auth), I would suggest doing the same, as this one isn't maintained anymore

atrofimenko commented 1 month ago

@atrofimenko I ended up using another OAuth library back then (react-native-app-auth), I would suggest doing the same, as this one isn't maintained anymore

@jonathanforking Yes, thank you) testing it right now)