I have an Android app developed in JAVA. For this app I am using the IdentityServer4 as my STS and everything is working fine. But i couldn't find any implementation to logout in AppAuth library. Can anyone help me on this? I really need the logout option in my app, so the users can logout from the app when ever they want and log back in again. Any ideas, samples would be greatly appreciated.
I am the lead maintainer of AppAuth.
Logout is usually as simple as discarding the AuthState
object, in order to forget the acquired tokens. If you are referring to also signing the user out of the OpenID identity globally, there is a draft standard for this:
http://openid.net/specs/openid-connect-frontchannel-1_0.html
AppAuth does not support this, as we do not wish to include in-progress standardization work in the core library. It would be relatively simple to write an extension library to fulfill this particular purpose.
The documentation for IdentityServer4 on logout is empty, so I don't know what mechanism they provide for logout and whether it follows any particular standard (draft or otherwise). I suggest you contact the developers of IdentityServer4 for more information.
You can add .setPrompt("login")
to AuthorizationRequest.Builder
, and it will ask for credentials again.
According to OpenId docs
https://github.com/openid/AppAuth-Android/issues/215
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With