Skip to content

redirectUriAsPostLogoutRedirectUriFallback has no effect when there is no id_token #1238

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
buchatsky opened this issue Jun 9, 2022 · 3 comments
Closed

redirectUriAsPostLogoutRedirectUriFallback has no effect when there is no id_token #1238

buchatsky opened this issue Jun 9, 2022 · 3 comments
Labels
bug For tagging faulty or unexpected behavior. investigation-needed Indication that the maintainer or involved community members may need to investigate more.

Comments

@buchatsky
Copy link

buchatsky commented Jun 9, 2022
edited
Loading

Describe the bug
When postLogoutRedirectUri is not set and AuthConfig.redirectUriAsPostLogoutRedirectUriFallback = true and Identity Server does not return id_token, logOut() does not go to AuthConfig.logoutUrl.

Expected behavior
logOut() to go to AuthConfig.logoutUrl.

Library version
13.0.1

Additional context
Library source code:

logOut(customParameters = {}, state = '') {
...
if (!id_token && !this.postLogoutRedirectUri) {
  return; // exits HERE
}
...
const postLogoutUrl = this.postLogoutRedirectUri ||
  (this.redirectUriAsPostLogoutRedirectUriFallback && this.redirectUri) ||   // is NOT reached
  '';
...
}
@jeroenheijmans
Copy link
Collaborator

Possibly the same as #1188?

@jeroenheijmans jeroenheijmans added bug For tagging faulty or unexpected behavior. investigation-needed Indication that the maintainer or involved community members may need to investigate more. labels Jun 9, 2022
@buchatsky
Copy link
Author

No, it is not connected to refresh token. I use custom Identity Server, not IdS4

@manfredsteyer
Copy link
Owner

Good catch. I think the reason was this endpoint is defined by OIDC. But the code should also work w/o id_token. Hence, the next version will not have this if.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug For tagging faulty or unexpected behavior. investigation-needed Indication that the maintainer or involved community members may need to investigate more.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@manfredsteyer @jeroenheijmans @buchatsky