Skip to content

auth.logout() does not send token for proper logout from IDP #168

New issue
New issue
Open
Open
auth.logout() does not send token for proper logout from IDP#168
@gibsonf1

Description

@gibsonf1
gibsonf1
opened on Sep 13, 2020

The auth.logout() is not sending the token to the Solid server which we need for identifying the user for proper logout.

The code in question is here:

export async function logout(
  storage: AsyncStorage,
  fetch: Function
): Promise<void> {
  const rp = await getStoredRp(storage)
  if (rp) {
    try {
      // First log out from the IDP
      await rp.logout()
      // Then, log out from the RP
      try {
        await fetch('/.well-known/solid/logout', { credentials: 'include' })
      } catch (e) {
        // Ignore errors for when we are not on a Solid pod
        // But tell users it is harmless because they will see the GET failure in the console
        console.info(
          "Couldn't find /.well-known/solid/logout, this is harmless."
        )
      }
    } catch (err) {
      console.warn('Error logging out of the WebID-OIDC session')
      console.error(err)
    }
  }
}

the rp.logout() does hit the IDP correctly, but without credentials, so the next call in this code to then use .well-known/solid/logout is not called as the IDP call returns a 401.

Any idea why rp.logout() is not including credentials?

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions