ClearSession is showing prompt to Sign In when user wants to Logout in iOS

[Greeshma0104]

Hi @vmurin,

While logging out of the application I make a call to the clearSession request. Before navigating to the webview to logout, it shows the Sign In prompt as shown in the attachment.
Please suggest how to do away with the prompt totally or at least need to change the text in the prompt to Sign Out.

[vmurin]

Have you debugged your code? Could you please double check if the login prompt comes from clearSession method and not from some another code line. Neither me nor other users have faced such an issue before.

[Greeshma0104]

Thanks for the update @vmurin. I am using below method to logout user. Please have a look and suggest if any modification needs to be done:

const RemoveAccount = () => {
  const AzureClientID = '<my azure client id>';

  var clientApp = new AzureAuth({
    clientId: AzureClientID,
    redirectUri: '<custom redirect uri>',
  });

  clientApp.webAuth
    .clearSession({closeOnLoad: true})
    .then(success => {
      console.log(success);
    })
    .catch(error => console.log(error));
};

[vmurin]

Some suggestions:

1. Could you share your custom redirect uri? May it has something special?
2. Try following initializer:

 var clientApp = new AzureAuth({
    clientId: AzureClientID,
    baseUrl: 'https://login.microsoftonline.com/common/oauth2/'
    redirectUri: '<custom redirect uri>',
  });

just an experiment...

[Greeshma0104]

Thanks for the suggestion @vmurin

1. We are using redirectUri as msal${AzureClientID}://spectra-auth
2. Setting baseUrl gives this error - Identity provider's login token can not be verified. Please try relogin.

[vmurin]

Do you have the same behavior on iOS and Android?
Have you tested on Emulator or on the Device too?

[Greeshma0104]

Hi @vmurin, this behaviour is seen only in iOS. We do not get any confirmation prompt in Android. Also I have used iPhone device to test it and have not checked on Simulator

[faisal-rehman19]

@vmurin facing the same issue on ios simulator. It asks to Sign in when trying to clear the session. Here is my code for logging out:

const onLogout = () => {
    azureAuth.webAuth
      .clearSession({closeOnLoad: true})
      .then(success => {
        console.log('success', success);
      })
      .catch(error => console.log('logout error', error));
  };

This is what i see when I click on Continue

[sakshya73]

I am facing the same issue. This popup is visible when the user is logging out. And no matter whether the user clicks cancel or continue. The user will be logged out. After going through the code for clearSession is src/webauth/index.js file I noticed agent.openWeb is being called and openWeb is calling NativeModules.AzureAuth.showUrl method which is responsible for that popup. I have added an extra param in the openWeb function to check if it's being called from the clearSession function. Everything seems to work fine for me but I am not sure if it's correct.

@vmurin Could you please check this and let me know if NativeModules.AzureAuth.showUrl is required for logout or if is there any need to call agent.openWeb in the clearSession function in src/webauth/index.js function.

Here's my code.

   openWeb(url, ephemeralSession = false, closeOnLoad = false,isLogout = false) {
        if (!NativeModules.AzureAuth) {
            return Promise.reject(new Error('Missing NativeModule. Please make sure you run `react-native link react-native-azure-auth`'))
        }
        console.log("isLogout>>>>>>",isLogout)

        return new Promise((resolve, reject) => {
            let eventURL
            const removeListener = () => {
                //This is done to handle backward compatibility with RN <= 0.64 which doesn't return EmitterSubscription on addEventListener
                if (eventURL === undefined) {
                    Linking.removeEventListener('url', urlHandler)
                } else {
                    eventURL.remove()
                }
            }
            const urlHandler = event => {
                NativeModules.AzureAuth.hide()
                removeListener()
                resolve(event.url)
            }
            const params =
              Platform.OS === 'ios' ? [ephemeralSession, closeOnLoad] : [closeOnLoad]
            eventURL = Linking.addEventListener('url', urlHandler)
            if(isLogout){
                resolve()
            }
            else{
            NativeModules.AzureAuth.showUrl(url, ...params, (error, redirectURL) => {
                removeListener()
                if (error) {
                    reject(error)
                } else if (redirectURL) {
                    resolve(redirectURL)
                } else if (closeOnLoad) {
                    resolve()
                } else {
                    reject(new Error('Unknown WebAuth error'))
                }
            })
        }
        })
    }
    

[nareshkopanathi]

I am facing the same issue. @sakshya73 I implemented the changes based on your suggestions and successfully skipped the sign-in prompt when the user logs out. However, the logout functionality is still not fully working as the user remains signed in and is not completely logged out.

I spent a lot of time about this issue but I couldn't able to resolve this issue. Can anybody help me how to skip the sign in prompt and user should be logged out completely.

[vmurin]

Hi Guys @sakshya73 @nareshkopanathi @faisal-rehman19

To the question from @sakshya73 - yes it is needed to call NativeModules.AzureAuth.showUrl to LogOut, because the session is kept by Azure Server and we should get him to know to release (close) the session. Without it, as mentioned in the last comment by @nareshkopanathi - the user remains signed in.

The confusing message "...Wants to use microsoft.com to SignIn" is coming from Azure and I'm not sure why.