It is not possible to login after logging out

jsusen · February 7, 2024, 2:40pm

login to Origam. Then log out by pressing the button in the top right corner drop down.
Try to log in again => you are logged in and then logged out immediately.
You cannot login any more unless you clear the session store in the browser.

jsusen · February 7, 2024, 2:42pm

The issue is caused by an undocumented change in the oidc-client-ts package v3.0.0.

github.com/authts/oidc-client-ts

UserManager signoutRedirect not working in 3.0.0

opened 08:02AM - 02 Feb 24 UTC

ch-lepp

documentation

To logout I use the[ signoutRedirect method of the UserManager](https://authts.g…ithub.io/oidc-client-ts/classes/UserManager.html#signoutRedirect). That worked perfectly fine with version 2.4.0. With version 3.0.0 the user is no longer properly logged out. oidc-client-ts correctly redirects the user agent to the auth server with id_token_hint and post_logout_redirect_uri. The auth server performs the logout as usual and redirects the user agent back to the application. The difference compared to version 2.4.0 is, that the UserManager still holds a user object, accesible by the [getUser method](https://authts.github.io/oidc-client-ts/classes/UserManager.html#getUser). Causing the issue should be the removal of [this line in the _signoutStart method](https://github.com/authts/oidc-client-ts/blob/v2.4.0/src/UserManager.ts#L552). Is this a bug or should I change some things in my application?

jsusen · February 7, 2024, 2:42pm

jsusen · February 7, 2024, 2:45pm