openid
Logout Flow - AlertView saying SIGN IN
Hi, I implemented the login flow using the library and now I need to implement the log out also using the same library. I've seen the feature is under development but it's possible to implement it in the apps. The only main problem I have is that the user is prompted with the same alert as in login and the texts says SIGN IN, which is confusing for the user. Is there any way to make this alert configurable? To show it / don't show it or to customize the text appearing.
I'm using the request as OIDEndSessionRequest and an agent using OIDExternalUserAgentIOS and then using the flow as
presentEndSessionRequest:(OIDEndSessionRequest *)request
externalUserAgent:(id<OIDExternalUserAgent>)externalUserAgent
callback:(OIDEndSessionCallback)callback;
I know there's a branch for logout under development but I cannot use a development version in the app.
Any tip will be appreciated!
QUESTION:
After further investigations, I discovered this alert is the Single Sign On Consent Alert from the system. This is possible to be disabled but it needs to be set up insisde the library. Any chance to have this config available? Is there any way to call ASWebAuthenticationSession with prefersEphemeralWebBrowserSession:True?
Having the same issue. It says "Sign in". @gemmaGC92 Did you find anything to name it corretly to sth like "Sign out"?
Hi @smiLLe, nope, it seems is an Apple system alert and it can not be overriden (as far as I could investigate). The only way to remove it is to launch the authentication session with prefersEphemeralWebBrowserSession. This way it does not appear but sadly I could not find any way to pass this setting to the library.
Any update to this would be much appreciated, we are facing same problem when logging out, showing that alert.
There's a open PR for it at https://github.com/openid/AppAuth-iOS/pull/706 or https://github.com/openid/AppAuth-iOS/pull/679
Any update on it because PR is still open. I am facing same issue. @gemmaGC92 can we disable system POP-UP in iOS at perform logout ?
@gemmaGC92 can you try forking your podfile to see if it works for you? I had to implement it because once logged in it stayed in a loop and redirected to the login to enter the credentials.
With #645 you'll have the option of avoiding this prompt that's being displayed by ASWebAuthenticationSession. However, be aware that when using an ephemeral web session, any existing browser state that your OIDEndSessionRequest may rely on will not be present.
You can pass prefersEphemeralSession to an agent with a Convenience initializer. When Signing Out Pass this prefersEphemeralSession = true to get rid of consent which is thrown by safari
Signing Out: -
let idToken = self.authState?.lastTokenResponse?.idToken ?? ""
let request = OIDEndSessionRequest(configuration:authState!.lastAuthorizationResponse.request.configuration, idTokenHint: idToken, postLogoutRedirectURL: URL(string:kRedirectURI)!, additionalParameters: nil)
if #available(iOS 13, *) { guard let agent = OIDExternalUserAgentIOS(presenting: self,prefersEphemeralSession: true) else {
return
}
OIDAuthorizationService.present(request, externalUserAgent: agent,
callback: { (response, error) in
if let response = response {
//delete cookies just in case
HTTPCookieStorage.shared.cookies?.forEach { cookie in
HTTPCookieStorage.shared.deleteCookie(cookie)
}
// successfully logout
}
if let err = error {
// print Error
print("")
}
})
} else {
// Fallback on earlier versions
}
}
You can pass prefersEphemeralSession to an agent with a Convenience initializer. When Signing Out Pass this prefersEphemeralSession = true to get rid of consent which is thrown by safari
Signing Out: -
let idToken = self.authState?.lastTokenResponse?.idToken ?? ""
let request = OIDEndSessionRequest(configuration:authState!.lastAuthorizationResponse.request.configuration, idTokenHint: idToken, postLogoutRedirectURL: URL(string:kRedirectURI)!, additionalParameters: nil)
if #available(iOS 13, *) { guard let agent = OIDExternalUserAgentIOS(presenting: self,prefersEphemeralSession: true) else {
return } OIDAuthorizationService.present(request, externalUserAgent: agent, callback: { (response, error) in if let response = response { //delete cookies just in case HTTPCookieStorage.shared.cookies?.forEach { cookie in HTTPCookieStorage.shared.deleteCookie(cookie) } // successfully logout } if let err = error { // print Error print("") } }) } else { // Fallback on earlier versions } }
It is works for me.
Thanks @jamisyed786
@hupendraaplite please see my comment here on a related question. Unfortunately, you cannot modify this alert.
@mdmathias @Corgizzz @jamisyed786 @gemmaGC92 Is there a way to change the alert verbiage or hide this alert itself ? please help. @interface OIDEndSessionRequest : NSObject <NSCopying, NSSecureCoding, OIDExternalUserAgentRequest>
