How to implement single signout using abp? #4595 | ABP Support | ABP.IO | ABP Support

m.veckas created one year ago

Hello,

we are trying to implement single sign on and single logout functionality to our systems (abp self service system and Magento2 ecommerce). We have a problems with single logout. Last month we opened an issue (https://support.abp.io/QA/Questions/4229/How-to-implement-single-signout-using-abp) but it doesn't fits our requirements, because it opens an ecommerce website logout endpoint in the new browser tab (see the code snippet below).

import { Component } from '@angular/core';
import { Router } from '@angular/router';
import { OAuthService } from 'angular-oauth2-oidc';
import { filter } from 'rxjs';

@Component({
  selector: 'app-root',
  template: `
    &lt;abp-loader-bar&gt;&lt;/abp-loader-bar&gt;
    &lt;abp-dynamic-layout&gt;&lt;/abp-dynamic-layout&gt;
    &lt;abp-gdpr-cookie-consent&gt;&lt;/abp-gdpr-cookie-consent&gt;
  `,
})
export class AppComponent {
  constructor(oAuthService: OAuthService) {
     oAuthService.events.pipe(filter(e => e.type === 'logout')).subscribe(() => { 
      const currentUrl = router.url.split('?')[0];
      //check logout location
      if (currentUrl !== '/logout') {
        // logout from rp
        window.open('otherclientloguturl', '_blank');
      }
    });
  }
}

We have tried to change the window.open('otherclientloguturl', '_blank'); to window.open('otherclientloguturl', '_self'); but then the single logout stops working.

Also, we have created a new angular component responsible for redirecting to the ecommerce logout endpoint in the event:

@Component({
  selector: 'app-root',
  template: `
    &lt;abp-loader-bar&gt;&lt;/abp-loader-bar&gt;
    &lt;abp-dynamic-layout&gt;&lt;/abp-dynamic-layout&gt;
    &lt;abp-gdpr-cookie-consent&gt;&lt;/abp-gdpr-cookie-consent&gt;
  `,
})
export class AppComponent {
  constructor(oAuthService: OAuthService) {
     oAuthService.events.pipe(filter(e => e.type === 'logout')).subscribe(() => { 
      const currentUrl = router.url.split('?')[0];
      //check logout location
      if (currentUrl !== '/logout') {
        // navigate to redirect-to-ecommerce-logout component
        router.navigate(['/redirect-to-ecommerce-logout']);
      }
    });
  }
}

logout component:

@Component({
  selector: '',
  template: '',
})
class LogoutComponent {
  constructor(authService: OAuthService, route: ActivatedRoute) {
    route.queryParams.subscribe(params => {
      const { post_logout_redirect_uri } = params;
      authService.revokeTokenAndLogout({ post_logout_redirect_uri });
    });
  }
}

redirect-to-ecommerce-logout component:

@Component({ 
 selector: 'app-redirect-to-ecommerce-logout',  
templateUrl: './redirect-to-ecommerce-logout.component.html',  
styleUrls: ['./redirect-to-ecommerce-logout.component.scss']
})

export class RedirectToEcommerceLogoutComponent implements OnInit {
  constructor() {   
      window.open('otherclientlogouturl', '_self');  
  }
  ngOnInit(): void {  
  }
}

With this implementation it opens the ecommerce logout endpoint as expected but doesn't logout from abp, it seems that it doesn't waits until abp logouts itself and redirects to the ecommerce.

Maybe you could give us an example, how to implement Single Logout with redirects in the single browser tab?

UI type: Angular DB provider: EF Core Tiered (MVC) or Identity Server Separated (Angular): no

5 Answer(s)

0

kirotech created one year ago

Any update regarding this?
0

mahmut.gundogdu created one year ago
Support Team

Maybe I understood wrong but if you want to login with Magento2, you may connect Magento to openiddict. that communicate each other. If Magento2 support fully a OAuth2, you can replace that with openiddict like keyclock see the example https://github.com/abpframework/abp-samples/tree/master/KeycloakDemo

I couldn't understand what your main expectation was.
0

kirotech created one year ago

Hello mahmut.gundogdu, here (https://support.abp.io/QA/Questions/4229/How-to-implement-single-signout-using-abp) you provided solution for Single logout using your openiddict commercial angular abp implementation. We mean your provided solution for single logout doesn't work. Angular application does not logout in the solution you provided. Please provide working solution. Also refund technical support credits because solution your provided didn't work sorry.
0

kirotech created one year ago

hello, any update regarding this abp commercial single logout issue?
0

mahmut.gundogdu created one year ago
Support Team

https://support.abp.io/QA/Questions/4229/How-to-implement-single-signout-using-abp

I can refund your credits but you may give us more information, please. For example, what is your login flow ?
Resource Owner Password Flow (aka login ui is angular) or server side login with redirect If you are logging in on the server side. you should invalidate that key on server, otherwise backend try to refresh auth with exists key.

Have an answer to this question? Log in and write your answer.

Assignee

mahmut.gundogdu

Labels