Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Detect Logout? #227

Closed
gallexme opened this issue Jun 4, 2018 · 7 comments
Closed

Detect Logout? #227

gallexme opened this issue Jun 4, 2018 · 7 comments
Labels
status:to be verified Needs to be reproduced and validated.

Comments

@gallexme
Copy link

gallexme commented Jun 4, 2018

What steps will reproduce the problem?

Login with Yii
Logout at the Authprovider example: Keycloak
open Yii App, still logged in wtf?

What's expected?

when i logout from Keycloak i should be logged out from any app(Single Sign On)

What do you get instead?

Im Still logged in in Yii
@samdark samdark added type:enhancement Enhancement and removed type:enhancement Enhancement labels Jun 4, 2018
@samdark samdark added this to the 2.1.6 milestone Jun 4, 2018
@samdark
Copy link
Member

samdark commented Jun 4, 2018

Do you have "remember me" active?

@gallexme
Copy link
Author

gallexme commented Jun 5, 2018

@samdark tried both, does not work

@samdark samdark modified the milestones: 2.1.6, 2.1.7 Sep 6, 2018
@samdark samdark modified the milestones: 2.1.7, 2.1.8 Sep 20, 2018
@jakim
Copy link
Contributor

jakim commented Jan 21, 2019
edited
Loading

@gallexme
Are you sure it is related to Yii? If you use Keycloak, much depends on integration.
If you log out in the provider's panel, the application in Yii must receive a signal that the user has logged out.

@samdark samdark removed this from the 2.1.8 milestone Jan 28, 2019
@machour machour added the status:to be verified Needs to be reproduced and validated. label Mar 26, 2019
@annadostoevskaya
Copy link

annadostoevskaya commented May 19, 2022
edited
Loading

Keycloak:
The logout endpoint requires you to provide an ID token.
The OAuthToken interface has no way to get it.

recommendations oidc

UPD: OK. I found method for getting ID token. We can do $OAuthTokenObject->params["id_token"]

@samdark
Copy link
Member

samdark commented May 22, 2022

Seems it's solvable. Closing. Thanks, @annadostoevskaya

@samdark samdark closed this as completed May 22, 2022
@ArchBlood ArchBlood mentioned this issue Nov 17, 2022
Open
@azmeuk
Copy link
Contributor

azmeuk commented Nov 20, 2022

If you log out in the provider's panel, the application in Yii must receive a signal that the user has logged out.

@jakim I am not sure what you mean by signal? Does the IdP should redirect to a given endpoint on the Yii app (after logout on the IdP) in the fashion of RP Initiated Logout?

@annadostoevskaya Can you give some more details on how you solved this?

@annadostoevskaya
Copy link

annadostoevskaya commented Nov 21, 2022
edited
Loading

@azmeuk
in fact, I just pass a redirect to the keyclock side and when the authorization server logs out the session and redirects me back to my web application, I delete the session to myself. this is dumb and error prone because you will stay in the application if you close the browser window at the time of the redirect.

you can try a javascript code that communicates with the authorization server and checks for active sessions there, after which it directs your user to login to the system, But I don't remember where he is.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
status:to be verified Needs to be reproduced and validated.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@samdark @azmeuk @machour @jakim @gallexme @annadostoevskaya