angular-auth-oidc-sample-google-openid
angular-auth-oidc-sample-google-openid copied to clipboard
damienbod
Full Logout not working with multiple clients
when one user logout from one client , same user can continue to use the protected data of second client. need help.
google oidc does not support logout...
Use a different token service for this use case, for example you could put a identityserver4 in between.
Greetings Damien
@damienbod thank you for your reply. I am using identityserver3 with below client setting
CLIENT 1: new Client { Enabled = true, ClientName = "Client1", ClientId = "Client1", AccessTokenType = AccessTokenType.Reference, Flow = Flows.Implicit, ClientSecrets = new List<Secret> { new Secret { Value="Client1"} }, RequireConsent = false,
RedirectUris = new List<string>
{
"http://localhost:28650/"
},
AllowedCorsOrigins = new List<string>
{
"http://localhost:28650/"
},
// Valid URLs after logging out
PostLogoutRedirectUris = new List<string>
{
"http://localhost:28650/"
},
AllowAccessToAllScopes = true,
AccessTokenLifetime = 3600
}
CLIENT 2 :
new Client
{
Enabled = true,
ClientName = "Client2",
ClientId = "Client2",
AccessTokenType = AccessTokenType.Reference,
Flow = Flows.Implicit,
ClientSecrets = new List<Secret> { new Secret { Value="Client2"} },
RequireConsent = false,
RedirectUris = new List<string>
{
"localhost:28550"
},
AllowedCorsOrigins = new List<string>
{
"localhost:28550"
},
// Valid URLs after logging out
PostLogoutRedirectUris = new List<string>
{
"localhost:28550"
},
AllowAccessToAllScopes = true,
AccessTokenLifetime =3600
}
when i logout from client 1 it sucessfully logout and redirect to login, but when i move to client 2 it can still access/use client 2 application. can you please guide me how to resolve this issue. Thanks,