Revoke Access Token On Signout?
sheeeng opened this issue ยท 6 comments
Does this library support revokeAccessTokenOnSignout: true?
If it is not supported, how can we workaround it using this library?
Hello, thank you for using oidc-react
.
You can use this with a custom provider, like so:
import React from 'react';
import { UserManager, AuthProvider } from 'oidc-react';
const userManager = new UserManager({
revokeAccessTokenOnSignout: true,
// ... set your config here
});
export const HelloComponent: React.FC = () => (
<AuthProvider userManager={userManager}>
{/* ... */}
</AuthProvider>
);
Closing this ๐
Thank you for the clarification.
Which client ID will the library uses with the following code?
Should all the related OIDC properties moved into UserManager instead of residing inside AuthProviderProps?
Should we use <AuthProvider userManager={userManager}>
or <AuthProvider {...OidcConfiguration}>
for this example?
const customUserManager = new UserManager({
revokeAccessTokenOnSignout: true,
client_id: process.env.REACT_APP_CLIENT_ID,
// ... set your config here
});
export const OidcConfiguration: AuthProviderProps = {
onSignIn: async (user: any) => {
console.log('Signed in! User is: ', user);
window.location.hash = '';
},
userManager: customUserManager,
autoSignIn: false,
clientId: process.env.REACT_APP_CLIENT_ID,
// ... set your config here
}
export const HelloComponent: React.FC = () => (
<AuthProvider userManager={userManager}> // or <AuthProvider {...OidcConfiguration}> ?
{/* ... */}
</AuthProvider>
);
Yes! Sorry for being unclear about that, but you're right. You have to move the other arguments.
In other words, UserManager
take precedence over AuthProviderProps
.
We should use <AuthProvider userManager={userManager}>
instead of <AuthProvider {...OidcConfiguration}>
in this example, right?
But, how to use autoSignIn: false
from AuthProviderProps
? How do I workaround it while using UserManager
?
In other words,
UserManager
take precedence overAuthProviderProps
.We should use
<AuthProvider userManager={userManager}>
instead of<AuthProvider {...OidcConfiguration}>
in this example, right?
Yes :-)
But, how to use
autoSignIn: false
fromAuthProviderProps
? How do I workaround it while usingUserManager
?
autoSignIn
still is used. ๐