@aws-amplify/auth
Version:
Auth category of aws-amplify
28 lines (26 loc) • 1.69 kB
JavaScript
// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
Object.defineProperty(exports, "__esModule", { value: true });
exports.handleOAuthSignOut = void 0;
const completeOAuthSignOut_1 = require("./completeOAuthSignOut");
const oAuthSignOutRedirect_1 = require("./oAuthSignOutRedirect");
const handleOAuthSignOut = async (cognitoConfig, store, tokenOrchestrator, redirectUrl) => {
const { isOAuthSignIn } = await store.loadOAuthSignIn();
const oauthMetadata = await tokenOrchestrator.getOAuthMetadata();
// Clear everything before attempting to visted logout endpoint since the current application
// state could be wiped away on redirect
await (0, completeOAuthSignOut_1.completeOAuthSignOut)(store);
// The isOAuthSignIn flag is propagated by the oAuthToken store which manages oauth keys in local storage only.
// These keys are used to determine if a user is in an inflight or signedIn oauth states.
// However, this behavior represents an issue when 2 apps share the same set of tokens in Cookie storage because the app that didn't
// start the OAuth will not have access to the oauth keys.
// A heuristic solution is to add oauth metadata to the tokenOrchestrator which will have access to the underlying
// storage mechanism that is used by Amplify.
if (isOAuthSignIn || oauthMetadata?.oauthSignIn) {
// On web, this will always end up being a void action
return (0, oAuthSignOutRedirect_1.oAuthSignOutRedirect)(cognitoConfig, false, redirectUrl);
}
};
exports.handleOAuthSignOut = handleOAuthSignOut;
//# sourceMappingURL=handleOAuthSignOut.js.map
;