I am using the express-openid-connect library to log in via SSO and I'm experiencing some weird behavior.
This function is called to log in and check `req.oidc.isAuthenticated()`. If it is false, it connects to my SAML connector, which works perfectly, and then later in the console.log I can see that `authenticated: req.oidc.isAuthenticated()` logs true.
```javascript
// router, ssoApp, ssoAppv2, SSOConnection, TraytError and processError
// are defined elsewhere in the application.
router.get('/auth0sso/:org_acronym', async (req, res) => {
  const orgAcronym = req.params.org_acronym
  try {
    // Look up the Auth0 connection configured for this organisation
    const auth0Connector = await ssoApp.getSSOFlow({
      ssoConnection: SSOConnection.AUTH0,
      orgAcronym,
    })
    if (!auth0Connector) {
      throw new TraytError('error').setCode(4113)
    }
    // No OIDC session yet: start the login flow through that connection
    if (!req.oidc.isAuthenticated()) {
      return res.oidc.login({
        authorizationParams: {
          connection: auth0Connector,
        },
      })
    }
    if (!req.oidc?.accessToken?.access_token) {
      throw new TraytError('error').setCode(4107)
    }
    const { redirectUrl, azp } = await ssoAppv2.verifyAuth0Token({
      accessToken: req.oidc.accessToken.access_token,
      clientId: req.query.client_id,
    })
    console.log({
      authenticated: req.oidc.isAuthenticated(),
    })
    const user = req.oidc.user
    const email = user?.email
    // Encode the values so characters such as "+" or "&" survive the query string
    res.redirect(
      `${redirectUrl}?code=${encodeURIComponent(azp)}&email=${encodeURIComponent(email)}`
    )
  } catch (error) {
    processError(res, error)
  }
})
```
Then I finish my login and reach my logged-in webpage.
When I try to log out, I call the following function:
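```javascript
// authenticateLogoutRequest and usersApp are defined elsewhere in the application.
router.post('/logout', authenticateLogoutRequest, async (req, res) => {
  try {
    console.log({
      auth2: req.oidc.isAuthenticated(),
    })
    // End the application's own session for this user and device
    await usersApp.logoutUser({
      userId: req.user.userId,
      deviceId: req.user.deviceId,
      accessToken: req.accessToken,
    })
    // End the OIDC session only when the request carries one;
    // when it does not, this handler sends no response
    if (req.oidc.isAuthenticated()) {
      return res.oidc.logout()
    }
  } catch (err) {
    processError(res, err)
  }
})
```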
But when I log auth2, it returns false and I have no idea why. This causes an issue where I am never able to log out the user (I never see the logout log in the user tab of the Auth0 portal, just the login).