Please include the following information in your post:
- Which SDK this is regarding: com.auth0.android:lock:2.23.0 & com.auth0.android:auth0:1.27.0
- Platform Version: Android 10
I cannot for the life of me get logout working. Seems to work when WebAuthActivity
is used but when the CustomTabsController
is used it does not.
What I am doing
I am logging in with the PasswordlessLockActivity
like so which works fine:
val newLock = PasswordlessLock.newBuilder(account, lockCallback)
.withAudience("https://${context.getString(R.string.auth0_domain)}/userinfo")
.withAuthenticationParameters(mapOf("prompt" to "login"))
.withScope("openid email profile")
.hideMainScreenTitle(true)
.withScheme(context.getString(R.string.auth0_scheme))
.closable(true)
.build(activity)
I am not storing the access token returned so once I have used the access token to get the user’s email (if they have one) the access token is lost and not used anymore.
I believe I do need to use the WebAuthProvider
to get rid of the SSO cookie. I do this like so:
WebAuthProvider.logout(account)
.withScheme(context.getString(R.string.auth0_scheme))
.start(context,object : VoidCallback {
override fun onFailure(error: Auth0Exception) {
Timber.e(error,"Failed Auth0 logout")
logoutComplete()
}
override fun onSuccess(payload: Void?) {
Timber.d("Successfully logged out of Auth0")
logoutComplete()
}
})
I have added multiple logout callback uris to my application on the dashboard. I have added multiple because I have different package names depending on whether I am running a debug or release variant. So the comma separated list looks something like this (substituting out placeholders)
https:://{domain}/android/{packageName}.debug/callback,{custom-scheme}:://{domain}/android/{packageName}.debug/callback,https:://{domain}/android/{packageName}/callback,{custom-scheme}:://{domain}/android/{packageName}/callback
I have debugged the calls and can confirm that the same uri the LogoutBuilder
creates using the CallbackHelper.getCallbackUri
method is included in the above list.
What I Expect
I expect to get a successful callback from the WebAuthProvider.logout
method.
What is Happening
The WebAuthProvider
callback is returning with an Auth0Exception
.
The exception is returning with is the following and is created on line 48 of LogoutManager
@Override
boolean resume(AuthorizeResult result) {
if (result.isCanceled()) {
Auth0Exception exception = new Auth0Exception("The user closed the browser app so the logout was cancelled.");
callback.onFailure(exception);
} else {
callback.onSuccess(null);
}
return true;
}
After following the code, it looks like AuthenticationActivity
onResume
is being called pretty much immediately and line 88
of AuthenticationActivity
is getting called. I can also see its the CustomTabsController
being used rather than the WebAuthActivity
.
I have tested both on an emulator and my real device. Both have the same outcome.