Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Sign out does not clear SSO token
See original GitHub issueLooking at the code, I don’t see Sign Out being properly implemented. There is a way to remove the user tokens from the local cache, but it does not appear to invoke the system web view to hit the end_session_endpoint endpoint value. That may leave the cookie between the system and the device valid such that a subsequent authenticate call may not prompt for credentials.
Seems like the end_session_endpoint value should be read from the OIDC metadata and then invoked on a sign out?
Issue Analytics
- State:
- Created 6 years ago
- Comments:7 (4 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
@onovotny For the preview, we only support signout by removing tokens from the cache. Sigout from system webview will be the next step, we’ll add the support later.
In the meantime I am using the following code to remove all user data and prevent automatic login after sign out. I am using
"authorization_user_agent": "WEBVIEW".(requireContext().getSystemService(Context.ACTIVITY_SERVICE) as ActivityManager).clearApplicationUserData()