UNPKG

@aws-amplify/auth

Version:
28 lines (26 loc) 1.69 kB
'use strict'; // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 Object.defineProperty(exports, "__esModule", { value: true }); exports.handleOAuthSignOut = void 0; const completeOAuthSignOut_1 = require("./completeOAuthSignOut"); const oAuthSignOutRedirect_1 = require("./oAuthSignOutRedirect"); const handleOAuthSignOut = async (cognitoConfig, store, tokenOrchestrator, redirectUrl) => { const { isOAuthSignIn } = await store.loadOAuthSignIn(); const oauthMetadata = await tokenOrchestrator.getOAuthMetadata(); // Clear everything before attempting to visted logout endpoint since the current application // state could be wiped away on redirect await (0, completeOAuthSignOut_1.completeOAuthSignOut)(store); // The isOAuthSignIn flag is propagated by the oAuthToken store which manages oauth keys in local storage only. // These keys are used to determine if a user is in an inflight or signedIn oauth states. // However, this behavior represents an issue when 2 apps share the same set of tokens in Cookie storage because the app that didn't // start the OAuth will not have access to the oauth keys. // A heuristic solution is to add oauth metadata to the tokenOrchestrator which will have access to the underlying // storage mechanism that is used by Amplify. if (isOAuthSignIn || oauthMetadata?.oauthSignIn) { // On web, this will always end up being a void action return (0, oAuthSignOutRedirect_1.oAuthSignOutRedirect)(cognitoConfig, false, redirectUrl); } }; exports.handleOAuthSignOut = handleOAuthSignOut; //# sourceMappingURL=handleOAuthSignOut.js.map