jorunfa
commented
6 years ago Thanks for the heads up.
The logout code is set up to call both the /oauth/logout end point and also the /oauth/revoke for good messure/to be extra sure. https://github.com/telenordigital/connect-android-sdk/blob/master/connect/src/com/telenor/connect/id/ConnectIdService.java#L191 https://github.com/telenordigital/connect-android-sdk/blob/master/connect/src/com/telenor/connect/id/ConnectIdService.java#L192
I would maybe expect the 401 response on revoke because the logout call also revokes the authorization. Are you sure the access and refresh tokens are still valid after?
I ocassionally see this exception after calling ConnectSdk.logout(). I'm not sure how to recreate it, but it has happened several times. It seems to be time-related. Perhaps a temporary server problem of some sort.
Failed to call logout with access token on API. accessToken=Hqw6zLX5YQ7nY8lI697K1PIvyma retrofit.RetrofitError: 401 Unauthorized at retrofit.RestAdapter$RestHandler.invokeRequest(RestAdapter.java:388) at retrofit.RestAdapter$RestHandler.access$100(RestAdapter.java:220) at retrofit.RestAdapter$RestHandler$2.obtainResponse(RestAdapter.java:278) at retrofit.CallbackRunnable.run(CallbackRunnable.java:42) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1162) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:636) at retrofit.Platform$Android$2$1.run(Platform.java:142) at java.lang.Thread.run(Thread.java:764)This is a problem in and of itself of course, but what's worse is that ConnectTokensStateTracker.onTokenStateChanged() is still called with the argument hasTokens = false. This means that the app thinks that we have been logged out when in reality we are still logged in. The access token and refresh token are still valid.