I am using Microsoft Azure Active Directory SDK for Authentication in my Android App. SignIn & Graph API implementation is working fine. But when I am calling the signout method of SDK. It signout me from the app. But when I pressed again login, it opens the browser overlay for SignIn.
There Microsoft page shows me my last account as an item to pick. Once I clicked on the item it allows me to log in the app without asking password again.
So it seems Microsoft does not clean the User account instance in the browser which opens by SDK.
I tried to clean Cookies & Cache in the signout callback method. but No success yet.
Has anybody faced such a problem before? Some days before I faced such a problem with the OKta Authentication also. It was also an open browser overlay for login.
It's worked for me,
Clear your cookies and shared preferences also
Clear browser cookies after logout
private fun logoutFromMS(){
// Clear Microsoft pref
requireActivity()
.applicationContext
.getSharedPreferences("com.microsoft.aad.adal.cache", 0)
.edit()
.clear()
.apply()
requireActivity()
.applicationContext
.getSharedPreferences("WebViewChromiumPrefs", 0)
.edit()
.clear()
.apply()
val cookieManager: CookieManager =
CookieManager.getInstance()
cookieManager.removeAllCookies { data ->
Timber.d("DATA:removeAllCookies: $data")
}
cookieManager.removeSessionCookies { data ->
Timber.d("DATA:removeSessionCookies: $data")
}
cookieManager.flush()
}
Here is a thread discussing something similar. And is likely what you are running into. https://github.com/Azure-Samples/active-directory-xamarin-native-v2/issues/86
Mainly that you can clear the token cache for the embedded browser, but not from the chrome browser. and that is sort of by design.
basically you are logging out of your app, Not out of azure ad. if there are other apps or sites or email accounts using that same login, then you will kick them all out which is not necessarily a good thing. In the thread there is a mention of something similar but with google signin: How to Logout of an Application Where I Used OAuth2 To Login With Google? this gives you some quick and dirty example of how to log off of the authprovider, basically calling the logout endpoint. you would have to do something similar if you wanted to do it for azure.
Related
I have an Android app, which the user can link to Spotify, with :
AuthenticationClient.openLoginActivity(getActivity(), SPOTIFY_REQUEST_CODE, request);
The problem is that I want the user to change his Spotify account so I want to logout the user from Spotify to log with another account. But the data of the connection are saved in the cache and when I use this line again :
"AuthenticationClient.openLoginActivity(getActivity(), SPOTIFY_REQUEST_CODE, request);", it does not show the connection dialog because the user is already connected.
In the doc, it says :
"To log out and clear all stored tokens, use the AuthenticationClient#clearCookies method. Both Spotify and Facebook tokens will be removed."
But the method clearCookies does not exist anymore. What can I do to logout the user and allow him to connect on another account ?
I've searched on the net and seems that this code
AuthenticationRequest.Builder builder = new AuthenticationRequest.Builder(CLIENT_ID, type, redirectUri)
.setShowDialog(true)
.setScopes(scopes).build();
took from this post it's your only choice to try to logout a user.
I can't test it, so you should try it yourself and see if works.
The documentation on the Spotify Android SDK is outdated and is not reflecting the new Spotify auth library on GitHub.
Spotify's Android SDK documentation is definitely outdated. My observation is that when you call
AuthorizationClient.clearCookies(context)
directly before starting Spotify's auth activity, it just works fine. But if you call it once and then expect that the user is logged out, when you start the activity later in the future, cached credentials keep messing around.
I do not prefer
builder.setScopes(arrayOf("")).setShowDialog(false).build()
as it shows you a "not you? Click to log out" option. So basically you need to log out on the Spotify UI, cannot do it from code.
In my case, the application saves the logged in user's email (I need that to show on the UI, anyway). When I want to log the user out programmatically, I just delete the saved email from the app and call
clearCookies()
when I start Spotify's Activity if the variable is empty.
A bit late, but you can use this AuthorizationClient.clearCookies(this) as
AuthenticationClient no longer exists
How to remove all application data on react native?
Not only AsyncStorage.clear().
I mean deleting application data like through settings > application.
I have faced EUNSPECIFIED error code with react-native-fbsdk.
First I logged in with my facebook account,
Second I logged out from it,
Third I relogin with this account (It works well)
And then I logged out again,
And I tried to log in with another facebook account,
But I faced EUNSPECIFIED error.
But after deleting all app data (not uninstall) through settings > application,
I can login with another facebook account.
I have to delete all applilcation data when logged out from my react native application.
OR
I have to fix this react-native-fbsdk's bug (or I guess fbsdk is caching some data....)
Already I put AsyncStorage.clear() when logout, No changes..
Appreciate for your help...
I had this problem with FBSDK as well and the problem is that when you login with facebook, the SDK creates an AccessToken linked to the old user. Therefore, when you try to login with another account, it throws this weird error message.
What you have to do is to logout the user on the fbAPI. The code below is how you do it:
// Remove FbAccessToken when the user logout.
logoutFromFB(){
if (AccessToken.getCurrentAccessToken() != null) {
LoginManager.logOut()
}
}
I hope it helps!
Building my first app with PhoneGap Build but cannot solve a problem which is, of course, an important piece.
The app uses Google oAuth2 to access an external site where I fetch data with Ajax. I use a url to do the initial login.
The only way I can get back to the Google Sign In is to delete and reinstall the app in iOS. In Android, I can use Application Manage and Clear Data.
In both cases, I get asked for the Sign In again as desired if I take either of those manual steps.
How can I programmatically clear the oAuth2 data which I believe is causing the problem?
Or, if necessary, what can I do to reinitialize the app entirely?
Thanks in advance for your suggestions.
Got this to work for me:
function googLogout (){
var ref = window.open('https://accounts.google.com/Logout?continue=http://google.com', '_blank', 'hidden=yes');
setTimeout(function(){ref.close();}, 3000);
alert('goog logout done');
}
Hope it helps someone else.
Following the Instagram documentation I'm able to authenticate a user and retrieve an access_token easily
But now I want to change of Instagram account which is impossible since the browser automatically call my callback URL because I'm already signed in with an account (there is no login / authorization form again)
To explain what happen here is the authenticate / authorization flow :
Open a browser asking user to log and authorize
User fill up form and submit (this step is skipped when user is already signed in !)
Browser redirect to callback URL
You see step 2 is skipped so we can't login with another user
Does the Instagram have a parameter to force relogin ?
Justin Powell answer is working for log out but I need to be also able to log in just after
and it's quite anoying for Android
But it points me in the right direction : Instagram (like other website) maintains our login with session variable (so with cookies)
So to avoid to be always loged in, we just have to find and remove the correct cookie, here is how to do it with Android :
String cookieString = "sessionid=''";
CookieManager.getInstance().setCookie("instagram.com", cookieString);
With this I set the Instagram sessionid cookie to en empty string so Instagram doesn't recognize me anymore
You could call the Instagram logout url (https://instagram.com/accounts/logout/) in the background before asking for access again. See this question and answers.
I believe the only other option is to leave it up to the user to logout of their Instagram account before loading your access url.
solved the same issue by deleting Access-Token from the app and loading url https://instagram.com/accounts/logout in webview without attaching it to any rootview.
The sdk I am using for my app calls up a webview that loads Facebook's login oauth login screen. I can't find a way of logging the user out so that they can login as a different Facebook user as the view always loads with the credentials of the first user. My only solution is to uninstall the app.
I have been using 'https://graph.facebook.com/me/permissions?method=delete&access_token=', which does in fact remove the user from my app, by I think the webkit cache keeps the last access_token around and just tries to reauthenticate it.
I haven't seen any apps so far that let you fully logout and login as a different user when using Facebook to authenticate.
you can use this at time of logout
NSHTTPCookieStorage *cookieStorage = [NSHTTPCookieStorage sharedHTTPCookieStorage];
for (NSHTTPCookie *each in cookieStorage.cookies) {
// put a check here to clear cookie url which starts with twitter and then delete it
if ([[each valueForKey:#"domain"] isEqualToString:#".facebook.com"])
{ [cookieStorage deleteCookie:each]; }
else
{
[cookieStorage deleteCookie:each];
}
}