Logout in AppAuth-Android

泄露秘密 提交于 2020-12-05 06:21:37

问题


I have an Android app developed in JAVA. For this app I am using the IdentityServer4 as my STS and everything is working fine. But i couldn't find any implementation to logout in AppAuth library. Can anyone help me on this? I really need the logout option in my app, so the users can logout from the app when ever they want and log back in again. Any ideas, samples would be greatly appreciated.


回答1:


I am the lead maintainer of AppAuth.

Logout is usually as simple as discarding the AuthState object, in order to forget the acquired tokens. If you are referring to also signing the user out of the OpenID identity globally, there is a draft standard for this:

http://openid.net/specs/openid-connect-frontchannel-1_0.html

AppAuth does not support this, as we do not wish to include in-progress standardization work in the core library. It would be relatively simple to write an extension library to fulfill this particular purpose.

The documentation for IdentityServer4 on logout is empty, so I don't know what mechanism they provide for logout and whether it follows any particular standard (draft or otherwise). I suggest you contact the developers of IdentityServer4 for more information.




回答2:


You can add .setPrompt("login") to AuthorizationRequest.Builder, and it will ask for credentials again. According to OpenId docs

https://github.com/openid/AppAuth-Android/issues/215



来源:https://stackoverflow.com/questions/40778792/logout-in-appauth-android

标签
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!