How to logout with flutter_appauth?

2,638

Solution 1

In that package, didn't any solution for this, but this problem solve with two way :

It's your browser so you can clear the browser's cache :)
When you call method for authorizing and exchanges code, there is needed to add an additional parameter called "promptValues" with 'login' value. In this way, every time the login is made there is no value in the cache and it always asks for a new login.

do this :

final AuthorizationTokenResponse result =
    await appAuth.authorizeAndExchangeCode(
      AuthorizationTokenRequest(
        your_client_id,
        your_localhost,
        promptValues: ['login'],
        discoveryUrl:
        your_discovery_url,
        scopes: [your_scopes],
      ),
    );

Solution 2

There are 2 main options here, and as a first step I would see if you can make the first option work, in line with Mohammad's comment:

OPTION 1: SIMPLE LOGOUT

Just remove any stored tokens from your app. The problem with this is that it does not remove the Authorization Server Session Cookie. So by default you cannot force another login prompt, eg to sign in as a new user. One way around this is to send prompt=login as a parameter when performing the login redirect.

OPTION 2: FULL LOGOUT

A full logout involves both of these actions and may require you to dig into AppAuth internals:

Remove stored tokens from your app
Redirect to remove the Authorization Server session cookie, via an End Session Request

Here is some sample Android code of mine to spin up a Chrome Custom Tab for a logout redirect.

There are other potential issues, such as intermittent Chrome white screens that fail to return to the app after logout, due to a missing user gesture.

FURTHER INFO

My blog posts have some further details on AppAuth integration, along with code samples you can run, in case any of this is useful. I am using AppAuth libraries directly from Kotlin / Swift, whereas you need to deal with an additional layer of the Flutter Plugin:

2,638

Author by

Hossein Yousefpour

Full-stack Flutter android, iOS and web applications developer

Updated on December 26, 2022

Comments

Hossein Yousefpour over 1 year
I need to logout from flutter_appauth with a button press in flutter;

This package doesn't have any logout method.

This is my get token code:
```
appAuth.authorizeAndExchangeCode(AuthorizationTokenRequest(
                clientID, redirectUrl,
                discoveryUrl: discoveryUrl,
                scopes: scopes,
                clientSecret: clientSecret
```
- Mohammad Mirshahbazi over 3 years
  
  Why you use this package ,when there developer removed this repo from his github.
- Hossein Yousefpour over 3 years
  
  @MohammadMirshahbazi I am using the flutter_appauth. The url fixed in the question. pub.dev/packages/flutter_appauth
- Mohammad Mirshahbazi over 3 years
  
  before you edit this link we see https://pub.dev/packages/flutter_auth/install
- Hossein Yousefpour over 3 years
  
  @MohammadMirshahbaziI know and it was my mistake. I have logout problem with flutter_appauth package
- Mohammad Mirshahbazi over 3 years
  
  Ok bro, i figure out, wait i solve your problem.
Hossein Yousefpour over 3 years

I just need a function to logout. It should not request login info in every login!
Mohammad Mirshahbazi over 3 years

No method exist for logout as far as I realized, but with solution you can clean the cache every time you login, so you are logout because of your cache is clean , try it please it's work.
Hossein Yousefpour over 3 years

How can I clear the cache? The flutter_appauth uses it's built in webview and I can't access to it. I also delete the getTemporaryDirectory dir, but nothing works.
Mohammad Mirshahbazi over 3 years

Do you store the refresh token somewhere in your case so that you can keep your user signed it?