google account logout and redirect

openid logout account

39,256

Solution 1

I have solved this issue calling this function when the user click on the logout link:

var logout = function(){
document.location.href = "https://www.google.com/accounts/Logout?continue=https://appengine.google.com/_ah/logout?continue=http://www.example.com";
}

When the user click on the link, the browser redirect the user to the logout page and only when the logout is complete, the user is redirected to the site "http://www.example.com".

I hope this can help.

Solution 2

Challenges

Requesting https://www.google.com/accounts/Logout will log the user out. There is a continueUrl parameter that Google adds to that address sometimes, but it will only succeed to redirect the user when the target is some Google site, and not your own. This makes the approach unusable.

Furthermore the OpenID specification does not include global log out at this moment.

There is another way:

Suggestion

Include an IFrame on your page and use the onClick JavaScript event handler on the logout link to load https://www.google.com/accounts/Logout into the IFrame. After that (you might want to check whether the IFrame loaded succesfully), redirect the user to a logout procedure for your own site. After logging out let that page redirect to your home page.

The link might look a bit like this:

<a href="https://www.google.com/accounts/Logout"
    onclick="myIFrame.location='https://www.google.com/accounts/Logout';StartPollingForCompletion();return false;">
   log out</a>
<iframe id="myIFrame"></iframe>

You need to implement the StartPollingForCompletion() function to periodically check whether the logout page has loaded. use setTimeout() to time the poll, and check for some property on the IFrame (I don't know for sure which ones will work, because you're working cross-site here).

Solution 3

As I've spent a huge amount of time on this google login/logout issue for my app (which is a Node/MongoDB server, using massively Google Docs and Google Script APIs), I had to share my results here..

The only good way to completely logout the user is to use this :

 var newWindow = window.open('https://mail.google.com/mail/?logout&hl=fr','Disconnect from Google','width=100,height=50,menubar=no,status=no,location=no,toolbar=no,scrollbars=no,top=200,left=200');
setTimeout(function(){
    if (newWindow) newWindow.close();
    window.location="auth/google";
},3000);

If you use the solution gave above by ira, it is doing a partial logout it seems for the current tab of the browser. Meaning that if the user close the tab, and reopen the application, he will be still logged to the previous account.

I had to use an external window because I was not able to redirect correctly to my app after logout from email google account. This solution works most of times, if user bandwidth is not too slow, letting 3 seconds to the logout being done before closing the popup. Then user is required to log with another account in my main window app.

This confirms the solution of floccinaucinihilipilification and maybe the iframe solution given above should be better than mine.

Solution 4

I use this code to log out from google account. It will throw an error but don't worry, it will be redirected immediately after the error takes place directly to your application server-side signout route.

<a href="https://www.google.com/accounts/Logout" target="myiframe">logout</a>
<iframe name="myiframe" style="display:none" onload="redirect()"></iframe>

<script>
  function redirect() {
    window.location = 'http://your.site.com/signout';
  };
</script>

Solution 5

I have been trying to do the same. For google apps only -
To logout try the following two options:
1) Using i-frame -

<iframe src="https://mail.google.com/a/YOURDOMAIN.IN/?logout&hl=en" width="100%" height="300">
  <p>Your browser does not support iframes.</p>
</iframe>

2) Using Javascript -

<script type="text/javascript">
     window.open('https://mail.google.com/a/YOURDOMAIN.IN/?logout&hl=en','logout_from_google','width=600,height=300,menubar=no,status=no,location=no,toolbar=no,scrollbars=no,top=20,left=20');
</script>

View more solutions

39,256

Author by

Shrinath

Novice Programmer

Updated on April 01, 2020

Comments

Shrinath about 4 years

I am using openid to log the user in.(google account only). Now I have a sign out link in my page, which on clicking, I want the user to be logged out of google accounts and the page to be redirected to my home page. can this be done ??

Edit-
Changing the accepted answer because now Google allows redirecting [continuing] to any domain you want.
Shrinath over 13 years

I am thinking of something like this : <a href="google.com/accounts/Logout" target = "myframe">logout</a> <iframe name="myframe" style="display:none"></iframe>
Shrinath over 13 years

Lol :D I had seen that stackoverflow's thread before.. I didn't get a proper answer there, and it was old, so opened a new one hoping to get an answer atleast after an year :D
Shrinath over 13 years

btw, how do you suggest I implement that "StartPollingForCompletion()" ?? I am currently executing a redirect in javascript after 500ms, but I know that is blind..
Shrinath about 13 years

sorry dude, this thread is answered long back, and he had suggested the iframe method which I used on that project... Thanks for your valuable time :)
Floccinaucinihilipilification. about 13 years

Hi. Could u tell me how u did this ? What I want to do is send a hidden request to log out the user from google acccount and then take him to any php page I want. Please help !
Shrinath about 11 years

OK, do you mean Google is now letting you "continue" into any domain?
ira about 11 years

I didn't try if it is possible to continue into ANY domain. I only tried with the domain from which the request was sent.
seoul about 11 years

@Shrinath: Yes, now google allows. So, this ans is the perfect way :-)
ptz0n over 10 years

Using appengine.google.com as a middle man when doing the redirect back to your application works right now, but I cannot find any documentation for this endpoint. Use with caution.
William Price almost 9 years

Checking anything relative to the state of such an iframe is likely to fail due to CORS (XSS) restrictions.
Gene Bo almost 6 years

Elegant solution here - working nicely. Seems to be "cleaner & lighter" than having to manage an iframe and all the stuff that goes with that
Guss over 5 years

Unfortunately, when using this URL with Google Chrome, and with a user logged in to Google Chrome, this also logs the user out of their chrome session - pausing the data sync. Not a good idea....
Shrinath over 5 years

Does it continue to the home.html after an error happens or does it stay there?
Pawel Czuczwara almost 5 years

This is not working any more. It is intended behavior, please check this case for answer
Trinu over 2 years

It worked perfectly with my requirement i want to programmatically call logout without knowing user or any kind of popup. Your solution worked for me. One thing i want to add after document.body.appendChild(ifrm) we can add const nodes = document.querySelectorAll('iframe'); nodes.forEach((node) => node.parentNode.removeChild(node)); to remove iframes which are not useful.