Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Getting signin popup during logout #294

Closed
lhuria94 opened this issue Apr 16, 2020 · 20 comments · Fixed by #305
Closed

Getting signin popup during logout #294

lhuria94 opened this issue Apr 16, 2020 · 20 comments · Fixed by #305
Labels
feature request A feature has been asked for or suggested by the community

Comments

@lhuria94
Copy link

Hi,

We are getting this popup during logout from the mobile app.
Our code is:

auth0.webAuth
      .clearSession({})
      .then(success => {
        Alert.alert('Logged out!');
        setAccessToken(null);
      })
      .catch(error => {
        console.log('Log out cancelled', error);
      });

Is there any way to avoid this situation?
@Widcket
Copy link
Contributor

Widcket commented Apr 16, 2020

Hi @lhuria94, can you share a screenshot of the popup?

@Widcket Widcket added the needs investigation An issue that has more questions to answer or otherwise needs work to fully understand the issue label Apr 16, 2020
@mountainfirefly
Copy link

Simulator Screen Shot - iPhone 11 Pro Max - 2020-04-17 at 15 15 46
I am having the same issue, here is the screenshot. @Widcket

@Widcket
Copy link
Contributor

Widcket commented Apr 17, 2020

@mountainfirefly thanks for the screenshot. Support for disabling SSO (and thus avoiding that popup) is already in our backlog.

@Widcket Widcket closed this as completed Apr 17, 2020
@Widcket Widcket added feature request A feature has been asked for or suggested by the community and removed needs investigation An issue that has more questions to answer or otherwise needs work to fully understand the issue labels Apr 17, 2020
@lhuria94
Copy link
Author

lhuria94 commented Apr 17, 2020
edited
Loading

@Widcket But we need the SSO as well, even if we have the popup its the message which does not make sense for the user. A signed in user has to sign in to logout.

@Widcket
Copy link
Contributor

Widcket commented Apr 18, 2020

@lhuria94 both popup and message are displayed by ASWebAuthenticationSession, and unfortunately we do not have control over it. However if you'd like to force the user to login again, you can add the prompt: "login" param to the login call.

@pavelpashkovsky
Copy link

v2.3.1 still getting this popup. Is there any solution to avoid it except rolling back to old versions?

@paulosborne
Copy link

@Widcket

@lhuria94 both popup and message are displayed by ASWebAuthenticationSession, and unfortunately we do not have control over it. However if you'd like to force the user to login again, you can add the prompt: "login" param to the login call.

Is there a way to at least configure the message to say "sign-out" instead of "sign-in"?

@lhuria94
Copy link
Author

lhuria94 commented May 11, 2020
edited
Loading

Thanks @Widcket

Add the prompt: login worked for me. But I see later it can come back to us in case of SSO functionality since we are not clearing the session and making the user to force login again later on new request.

Showing "sign-out" would really help us here.

@paulosborne
Copy link

@Widcket

Are you able to provide any clue how far down the backlog this is?

@Widcket
Copy link
Contributor

Widcket commented May 11, 2020

Hi @paulosborne, unfortunately it's not possible to modify the popup message in any way. Last week we've implemented the ephemeral session option for Auth0.swift, but I can't provide an ETA for this SDK.

@paulosborne
Copy link

paulosborne commented May 12, 2020
edited
Loading

Hi @paulosborne, unfortunately it's not possible to modify the popup message in any way. Last week we've implemented the ephemeral session option for Auth0.swift, but I can't provide an ETA for this SDK.

Thanks for the reply @Widcket

Will ephemeral sessions remove the sign-out prompt when the user is logging out?

@Widcket
Copy link
Contributor

Widcket commented May 12, 2020

@paulosborne yes, and for the log in prompt as well. The behavior you get on iOS 13+ is similar to using prompt: "login" but without SSO, because it won't place a cookie in the system browser's shared cookie jar. Like using a browser in incognito mode.

@paulosborne
Copy link

@paulosborne yes, and for the log in prompt as well.

Excellent :)

@Widcket
Copy link
Contributor

Widcket commented May 19, 2020

@paulosborne the changes are up on the branch feature/ephemeral-session-support. Can you please try them out? You'll need to pass the ephemeralSession option, like this:

        auth0.webAuth
            .authorize({
                scope: 'openid profile email'
            }, {
                ephemeralSession: true
            })

@Widcket Widcket reopened this May 19, 2020
@paulosborne
Copy link

paulosborne commented May 19, 2020
edited
Loading

@paulosborne the changes are up on the branch feature/ephemeral-session-support. Can you please try them out? You'll need to pass the ephemeralSession option, like this:

        auth0.webAuth
            .authorize({
                scope: 'openid profile email'
            }, {
                ephemeralSession: true
            })

@Widcket I checked out the branch and gave it a try and the login prompt no longer appeared - nice work. It does still appear on logout but i'm assuming this branch is a work-in-progress?

Looks like SSO has been disabled successfully as I was required to re-validate my google account every time I logged in.

Thanks again :)

@Widcket
Copy link
Contributor

Widcket commented May 19, 2020

@paulosborne the thing is, you don't really need it for logout. There's no cookie to clear, so to perform 'logout' just remove the tokens from your app.

@paulosborne
Copy link

@Widcket

Good to know, thanks for your help 😊

@Widcket Widcket mentioned this issue May 19, 2020
Merged
5 tasks
@jmz527 jmz527 mentioned this issue Sep 1, 2020
Closed
@blarzHernandez
Copy link

It worked if we set both properties: prompt and ephemeralSession as following

auth0.webAuth.authorize(
      {
        scope: 'openid email profile',
        prompt: 'login',
      },
      { ephemeralSession: true }
    );

@aprilmintacpineda
Copy link

how come prompt is not included in https://auth0.github.io/react-native-auth0/WebAuth.html#.authorize

@ShepSims
Copy link

on versions above 2.16 ephemeral session no longer prevents the sign in popup. Does anyone have solutions for getting rid of the popup on 3.1 or later?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature request A feature has been asked for or suggested by the community
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Added support for ephemeral sessions [SDK-1412] auth0/react-native-auth0
8 participants
@paulosborne @Widcket @pavelpashkovsky @lhuria94 @mountainfirefly @blarzHernandez @aprilmintacpineda @ShepSims