374 Support End Session#433
Conversation
3fbb1fd to
e689d62
Compare
e689d62 to
c75d373
Compare
|
Any idea when this will be available? End Session is an important feature for an auth library... |
| // or specify additional redirect URIs in AndroidManifest.xml | ||
| manifestPlaceholders = [ | ||
| 'appAuthRedirectScheme': 'net.openid.appauthdemo' | ||
| 'appAuthRedirectScheme': 'com.lohika.android.test' |
There was a problem hiding this comment.
this should be updated before merging to master
|
What can we in the community to do support getting this into master for a new release? |
|
Someone needs to step up and take on the role of maintainer - see #444. |
|
This should be merge already! |
|
Good job 👍 For those looking to use end session support : until a new maintainer is found for this project, you can use a dependency to a binary built from this PR, by using Jitpack (the feature was released yesterday and works like a charm :) ) Juste add the following to your code. Root App's Note that this is not an ideal solution, more a workaround to use this feature. |
|
Is there any updates regarding merging this branch into master ? |
|
We too really need this functionality for proper sign-out. |
|
We ended up forking, and using Jitpack to use a dependency built from our own fork with the PR changes, and end session is working for us now without having to do all kinds of workarounds ourselves. Can recommend this approach if you too are in a situation where you cannot just replace your client library with an entirely different one. |
|
For anyone that is still holding out for someone to pick up support of this library, and get this PR merged, but needs to be able to support logging out now without patching in this entire PR (which does. solve it properly), here is the solution we are using:
Here's our |
|
I'm also looking for a logout feature. |
|
@Barryrowe |
Thanks man i got it |
|
@oahmedazab Glad you found it helpful! For anyone else, you would use I did forget to note explicitly, for anyone else, that the above implementation expects using configuration discovery, where the logout endpoint is returned as part of the remote discoveryDoc. The first line of |
Thanks @Barryrowe, your comments helped me ending a session in Xamarin.Android until this is merged into master. |
Hey @mshuf, could you please share your Xamarin.Android solution for the issue? |
@Pavel-Sulimau This is basically what I'm rolling with for now... It launches the end session URI in a custom tab and subsequently logs the user out. From there the user clicks a button which re-directs back to the app where I handle and then display the login screen again. You can have it automatically redirect depending on your auth server setup. Hope this helps. |
|
Nice solution, add
|
|
Conflicting files |
|
Any news here? I would need that feature for a Keycloak-Installation |
Hi @Barryrowe can you please help me to integrate this? means how to call on Logout and redirect to another activity? Thanks in advance. |
Hi @Eightyplus can you please let me know below code usage? if (isPackageInstalled(context, CUSTOM_TAB_PACKAGE_NAME)) { What should i pass CUSTOM_TAB_PACKAGE_NAME ? what should be isPackageInstalled? |
To expand slighlty, you would use the You could optionally use |
|
@kushanshah11 , ah I left out some code. const pointing at package for chrome one way to check if Chrome is installed |
HI @Eightyplus I have implemented your code and it works but now i have one issue. now issue is on logout browser remain open and display you are successfully logout and in back of browser Login activity also redirected. question is how to close browser on logout? Thanks in advance. |
|
I guess we had the same issue. The server has to configure/enable logout. We use identity server, and have setup like this
Replace
|
Hi @Barryrowe , can you please let me know solution for close logout browser? thanks in advance. |
so based on my understanding first server guy have to add postlogoutredirecturi in discovery document right? after that what is our part or its automatically close? Thanks in advance |
|
If you use custom tab / chrome, it will close and redirect. If it runs on an old device with older browser, probably not, but will redirect to your app.
|
yes by default it use chrome. so once server guy added that endpoint in discovery it will automatically works correct ? |
@kushanshah11 There are several pieces to understand about how the redirect works. There are a few different things that could be going on if you're not properly getting redirected to your app after the logout action occurs. The relevant documentation is in the root of this project here: https://github.com/openid/AppAuth-Android#capturing-the-authorization-redirect
If you're not getting redirected with all the proper setup, make sure you're on API 21 or higher. I believe API 16-19 has some flaky handling of the login flows if you're using |
|
@Barryrowe Something is not clear from your patch, how do you send the id_token_hint parameter (that is being sent by the code in this pull request)? Actually, under what OIDC standard/draft does your logout code work? What IdP do you work with? |
|
@danijelt This is a good question. Our identity provider is Identity Server 4 I was fumbling my way through patching this when I originally wrote this, and left out that detail. That unused So given a valid val redirectUri = Uri.parse(redirectUrl)
val authRequest = AuthorizationRequest.Builder(
state.authorizationServiceConfiguration!!,
clientId,
ResponseTypeValues.CODE,
redirectUri
)
.setScope(scope)
.setAdditionalParameters(
mapOf(
LOGOUT_PARAM_ID_TOKEN_HINT to state.idToken,
LOGOUT_PARAM_POST_LOGOUT_REDIRECT to "$redirectUrl/logout"
)
)
.build()
val intent = (authService as CustomAuthorizationService).getLogoutIntent(authRequest) |
|
@Barryrowe Thanks for clearing it up! So, the ID token is being sent implicitly with setAdditionalParameters? That's what confused me and I thought you went out-of-spec. |
|
@danijelt The My solution has always been a patch, so it's a little ugly. I'm hoping this PR, or a similar one will get merged and released eventually. |
|
Thanks to @smokienko for the original PR. His changes have been updated and merged as part of #525 |
|
I am following the code above for end session, I have tried with demo code of TokenActivity.endSession() as well but still unable to end session on my device. My final url looks like: but its giving me error as follows: I am not sure why I am unable to end session properly. |

Implements End Session support flow.
Adds unit tests.
Updates readme.