wi3land / ionic-appauth

Integration for OpenId/AppAuth-JS into Ionic V3/4/5
MIT License

Logout but not clear cookie cache #20

Closed punchDevFullStack closed 4 years ago

punchDevFullStack commented 4 years ago

This is NOT an issue but a question/request. I use a front-end app on Angular 8 and Ionic 5.4, with Identity Server 4 (OAuth). The problem is that when I click the logout button, the token is removed and I am redirected to the logout page. But when I try to refresh the main page, it redirects to the identity server, authenticates automatically and redirects back to the main page; the step of providing a username and password is missing here. What I noticed is that if I manually remove the cookie from the browser and repeat the process, this time I am asked for a username and password.

Is there a better way? Thank you.

punchDevFullStack commented 4 years ago

I have tried adding “clearcache=yes” and “clearsessioncache=yes”, but they do not seem to do anything.

```javascript
DefaultBrowser.prototype.showWindow = function (url) {
  window.open(url, "_self", "location=no,clearsessioncache=yes,clearcache=yes,cleardata=yes");
  return;
};
```

wi3land commented 4 years ago

Hi @punchDevFullStack

It sounds like you're not fully logging out of the identity server. You shouldn't have to clear the cookies down; the identity server should do this for you.

I am also using identity server in a few of my implementations. Can I see your endsession method? It's usually the account controller, logout method.

punchDevFullStack commented 4 years ago

@wi3land For end-session component

4B2228AB-9FC3-4DD3-B985-8ABD0CA35323

wi3land commented 4 years ago

The endsession call back only clears the local side.

This should be called once a round trip has been made to the identity server and back, like at login.

To do this, call signout() instead. If you need help, look at one of the demos I created; they all implement the signout() and endsessionCallback().

wi3land commented 4 years ago

@punchDevFullStack Did the above solve your issue?

punchDevFullStack commented 4 years ago

I have tried calling the signOut() method, but it does not work. The identity server does not call back when post_logout_redirect = xxx://endsession

wi3land commented 4 years ago

Have you whitelisted the post logout redirect URL?

punchDevFullStack commented 4 years ago

I'm not sure, I'll check again.

punchDevFullStack commented 4 years ago

Screen Recording 2563-05-07 at 18 08 34

I tried your demo and changed authConfig. I press the logout button, then the identity server calls back xxx://endsession, but when I log in again, it does not show the username and password inputs.

wi3land commented 4 years ago

@punchDevFullStack this isn't an issue with the ionic-app-auth library, as it is redirecting out for both log out and log in. I would think this is more likely to be an issue with your setup on identity server.

When end session is called, it should be redirecting to account/logout. This method should include something like `await HttpContext.SignOutAsync();`. Once this has happened, your identity server cookie will be removed and it won't auto-redirect and sign in the current logged-in user, as there won't be a current logged-in user.

Please see identity server documentation
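
The three outcomes discussed in this thread, as an added JavaScript illustration that is not part of any comment here and is not ionic-appauth or IdentityServer code: a local-only token wipe, a round trip whose logout page never drops the provider session, and a full sign-out. The host `idp.example`, the token and session values and the `provider` object are constructed for the example.

```javascript
// Added illustration (not ionic-appauth or IdentityServer code): a toy model of
// OIDC RP-initiated logout. Hosts, tokens and object shapes are constructed.

// Client: the end-session request a full sign-out sends to the provider.
function buildEndSessionUrl(endpoint, idToken, postLogoutRedirectUri, state) {
  const url = new URL(endpoint);
  url.searchParams.set('id_token_hint', idToken);
  url.searchParams.set('post_logout_redirect_uri', postLogoutRedirectUri);
  url.searchParams.set('state', state);
  return url.toString();
}

// Provider: the logout page may or may not drop its own session cookie
// (the job of HttpContext.SignOutAsync() in the thread); the redirect back
// is only issued for an exactly matching registered URI.
function handleEndSession(requestUrl, provider) {
  const params = new URL(requestUrl).searchParams;
  if (provider.logoutPageSignsOut) provider.sessionCookie = null;
  const target = params.get('post_logout_redirect_uri');
  if (!provider.registeredPostLogoutUris.includes(target)) return null;
  return `${target}?state=${encodeURIComponent(params.get('state'))}`;
}

// Provider: an authorize request with a live session cookie needs no credentials.
function authorize(provider) {
  return provider.sessionCookie ? 'silent-sign-in' : 'login-prompt';
}

// Runs one logout flow and reports what the next login looks like.
function runScenario({ roundTrip, logoutPageSignsOut, redirectUri = 'xxx://endsession' }) {
  const provider = {
    sessionCookie: 'constructed-session',
    logoutPageSignsOut,
    registeredPostLogoutUris: ['xxx://endsession'],
  };
  const client = { idToken: 'constructed.id.token' };
  let callback = null;
  if (roundTrip) {
    const request = buildEndSessionUrl(
      'https://idp.example/connect/endsession', client.idToken, redirectUri, 's1');
    callback = handleEndSession(request, provider);
  }
  client.idToken = null; // local tokens are cleared on every path
  return { callback, nextLogin: authorize(provider) };
}
```

A callback with `nextLogin` still `silent-sign-in` is the symptom reported after trying the demo: the redirect back happened, but the provider's own session was never ended.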

punchDevFullStack commented 4 years ago

thanks

nareshkopanathi commented 7 months ago

I developed an Ionic Vue 3 web application, and I am able to log out of the application when I click on the logout button, but when I close the tab or window I am unable to log out of my application. Could you please help me resolve this issue?

```typescript
import { App } from '@capacitor/app';
import { AuthService } from 'ionic-appauth';
import { CapacitorBrowser, CapacitorSecureStorage } from 'ionic-appauth/lib/capacitor';
import { isPlatform } from '@ionic/vue';
import { AxiosRequestor } from './axios-requestor.service';
import { useGlobalState } from '@/shared/global-state.composable';
import { Browser } from '@capacitor/browser';
import { handleApiError } from '@/shared/utilities/api-utilities';

const { initialSignIn, appReady, currentModule, logOffApp } = useGlobalState();

export class AuthenticationService {
  private static authService: AuthService | undefined;

  private static buildAuthInstance() {
    const authService = new AuthService(new CapacitorBrowser(), new CapacitorSecureStorage(), new AxiosRequestor());
    authService.authConfig = {
      'client_id': process.env.VUE_APP_AUTH_SERVER_CLIENT_ID || '',
      'server_host': process.env.VUE_APP_AUTH_SERVER_HOST || '',
      'redirect_url': isPlatform('capacitor') ? 'eldermark.app://callback' : process.env.VUE_APP_BASE_URL + '/loginredirect',
      'end_session_redirect_url': isPlatform('capacitor') ? 'eldermark.app://endSession' : process.env.VUE_APP_BASE_URL + '/endredirect',
      scopes: 'email openid phone',
      pkce: true
    };

    // Native builds only: route app deep links back into the auth flow.
    if (isPlatform('capacitor')) {
      App.addListener('appUrlOpen', (data: any) => {
        const isAuthUrl = data.url && data.url.includes(this.authService?.authConfig.redirect_url);

        if (isAuthUrl) {
          initialSignIn.value = true;
          authService.authorizationCallback(data.url);
        } else {
          // Any other app URL is treated as the end-session callback.
          authService.endSessionCallback();
        }
      });
    }

    authService.init();
    return authService;
  }

  // Lazily created singleton.
  public static get Instance(): AuthService {
    if (!this.authService) {
      this.authService = this.buildAuthInstance();
    }

    return this.authService;
  }

  public static async signOut(redirect = false) {
    // Web only: navigate to the auth server's logout URL.
    if ((logOffApp.value || currentModule.value) && !isPlatform('capacitor')) {
      window.location.href = `${process.env.VUE_APP_AUTH_SERVER_HOST_LOGOUT}?client_id=${process.env.VUE_APP_AUTH_SERVER_CLIENT_ID}&logout_uri=${process.env.VUE_APP_BASE_URL}/endredirect`;
    }
    try {
      appReady.value = false;
      await AuthenticationService.Instance.signOut();
      logOffApp.value = false;
      if (!redirect) {
        return;
      }

      if (isPlatform('capacitor')) {
        const url = `${process.env.VUE_APP_AUTH_SERVER_HOST_LOGOUT}?client_id=${process.env.VUE_APP_AUTH_SERVER_CLIENT_ID}&logout_uri=eldermark.app://endSession`;
        Browser.open({ url });
      } else {
        window.location.href = `${process.env.VUE_APP_AUTH_SERVER_HOST_LOGOUT}?client_id=${process.env.VUE_APP_AUTH_SERVER_CLIENT_ID}&logout_uri=${process.env.VUE_APP_BASE_URL}/endredirect`;
      }
    } catch (error) {
      handleApiError(error);
    }
  }
}
```