npm - @acorex/connectivity - Versions diffs - 20.6.0-next.20 → 20.6.0-next.22 - Mend

@acorex/connectivity 20.6.0-next.20 → 20.6.0-next.22

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/api/index.d.ts +6 -0
package/fesm2022/acorex-connectivity-api.mjs +31 -4
package/fesm2022/acorex-connectivity-api.mjs.map +1 -1
package/package.json +2 -2

package/api/index.d.ts CHANGED Viewed

@@ -144,6 +144,12 @@ declare class AXCAPIOidcStrategy extends AXPAuthStrategy {
     updateToken(params: {
         [key: string]: any;
     }): Promise<AXPSignInResult | void>;
+    /**
+     * Signs out the user according to OpenID Connect standards.
+     * Tries to call the standard OIDC end_session_endpoint if available, else falls back to configured logoutUrl.
+     * Falls back to root landing page on local logout if nothing is provided.
+     * This runs in the background (without redirecting user immediately to the endpoint).
+     */
     signout(): Promise<void>;
     refreshToken(context: AXPSessionContext): Promise<AXPSignInResult>;
     private loadAuthData;

package/fesm2022/acorex-connectivity-api.mjs CHANGED Viewed

@@ -639,13 +639,40 @@ class AXCAPIOidcStrategy extends AXPAuthStrategy {
             this.handleError(error);
         }
     }
+    /**
+     * Signs out the user according to OpenID Connect standards.
+     * Tries to call the standard OIDC end_session_endpoint if available, else falls back to configured logoutUrl.
+     * Falls back to root landing page on local logout if nothing is provided.
+     * This runs in the background (without redirecting user immediately to the endpoint).
+     */
     async signout() {
         localStorage.removeItem('pkce_code_verifier');
         localStorage.removeItem('oauth_provider');
-        console.log(this.openidConfigurationInfo?.info?.discoveryDocument);
-        // Use configured logoutUrl or derive from baseUrl
-        const logoutUrl = this.aXMAuthConfigs.logoutUrl || `connect/logout`;
-        window.location.href = logoutUrl;
+        // Standard OIDC logout: try to use end_session_endpoint if found in the discovery document
+        const discoveryDoc = this.openidConfigurationInfo?.info?.discoveryDocument;
+        let logoutUrl;
+        if (discoveryDoc?.end_session_endpoint) {
+            logoutUrl = discoveryDoc.end_session_endpoint;
+            // Optional: append id_token_hint, post_logout_redirect_uri or others as needed by your IdP
+            // For example: logoutUrl += `?post_logout_redirect_uri=${encodeURIComponent(window.location.origin)}`;
+        }
+        else if (this.aXMAuthConfigs.logoutUrl) {
+            logoutUrl = this.aXMAuthConfigs.logoutUrl;
+        }
+        // Call logout in the background (don't redirect)
+        if (logoutUrl) {
+            // Fire-and-forget: Create an invisible iframe to make the logout request in the background
+            const iframe = document.createElement('iframe');
+            iframe.style.display = 'none';
+            iframe.src = logoutUrl;
+            document.body.appendChild(iframe);
+            // Optionally, remove iframe after load
+            iframe.onload = () => {
+                setTimeout(() => document.body.removeChild(iframe), 1000);
+            };
+        }
+        // Always send user to landing page after local logout, regardless
+        window.location.href = '/';
     }
     async refreshToken(context) {
         try {