Hi Team,
I am facing an issue with SSO: after performing the logout, I am not able to log back in unless I run a logout URL manually. I have attached a screenshot for reference.
Please advise.
Thanks in advance.
If possible, please advise how to call the URL on logout.
Regards,
Balram Singh
Hello,
Which platform did you try SSO with?
Could you please share more details so I can assist you better?
In my previous project, I used the on_logout event to write custom logic for logging out from third-party services as well.

```python
on_logout = "ness.events.user.logout_sso"
```
Thanks, maheswari, for the response. We are using Keycloak for SSO. As informed, login works as expected, but the logout is not getting redirected to the SSO; instead it gives the error while trying to log in again.
I also did this for Keycloak.
I logged out from Keycloak, so it won't give an error the next time I log in.

```python
import frappe
import requests


def logout_sso(login_manager):
    """
    Logs out the user from Keycloak when they log out from the system.
    """
    # Fetch the user's Keycloak ID
    userid = frappe.get_value('User Social Login',
        {
            'parent': login_manager.user,
            'provider': 'keyClock'
        }, 'userid')
    # Users without a linked Keycloak account have no SSO session to end
    if not userid:
        return

    # Fetch Settings
    settings = frappe.get_single('Keyclock Settings')

    # Prepare request for access token
    url = settings.url_for_access_token
    headers = {
        "Content-Type": "application/x-www-form-urlencoded"
    }
    payload = {
        'grant_type': 'client_credentials',
        'client_id': settings.client_id,
        'client_secret': settings.get_password('client_secret')
    }

    # Get access token (timeout so a slow SSO server cannot hang the logout)
    response = requests.post(url, headers=headers, data=payload, timeout=10)
    if response.status_code != 200:
        msg = f'''
            <div><p>Status Code: {response.status_code}</p></div>
            <div>{response.reason}</div>'''
        frappe.throw(title="KeyClock Logout Failed", msg=msg)
    access_token = response.json()['access_token']

    # Perform logout action for the user in Keycloak
    url = f"{settings.url_for_user_actions}/{userid}/logout"
    headers = {
        "Content-Type": "application/json",
        "Authorization": f"Bearer {access_token}"
    }
    requests.post(url, headers=headers, timeout=10)
```
sami
August 27, 2024, 10:40am
```python
import frappe
import requests


def logout_sso(login_manager):
    # Fetch the user's KeyClock ID
    userid = frappe.get_value('User Social Login',
        {
            'parent': login_manager.user,
            'provider': {provider}
        }, 'userid')
    print(f'user id:{userid}')

    # Prepare request for access token
    url = 'http://{baseurl}/auth/realms/{realname}/protocol/openid-connect/token'
    headers = {
        "Content-Type": "application/x-www-form-urlencoded"
    }
    payload = {
        'grant_type': f'{client_credentials}',
        'client_id': f'{client_id}',
        'client_secret': f'{client_secret}'
    }

    # Get access token
    response = requests.post(url, headers=headers, data=payload)
    if response.status_code != 200:
        msg = f'''
            <div><p>Status Code: {response.status_code}</p></div>
            <div>{response.reason}</div>'''
        frappe.throw(title="KeyClock Logout Failed", msg=msg)
    access_token = response.json()['access_token']

    # Perform logout action for the user in KeyClock
    url = f"http://{baseurl}/auth/realms/{realname}/protocol/openid-connect/{userid}/logout"
    headers = {
        "Content-Type": "application/json",
        "Authorization": f"Bearer {access_token}"
    }
    requests.post(url, headers=headers)
```
I tried the above code; however, I am not able to destroy the session, and it is giving a not found response.
Hi Bhavesh, thanks for the response.
Could you please explain the code briefly?
I understand that you are building the URL to perform the logout, but in my case I already have the URL, which was provided by the administrator to resolve the logout issue.
I want to execute this URL in the same session while performing the logout. Please let me know if that is possible.
Regards,
Balram Singh
sami
August 27, 2024, 1:33pm
When I tried to hit it with the userId and a new access token, it is giving back not found (404).

```python
url = f"http://{baseurl}/auth/realms/{realname}/protocol/openid-connect/{userid}/logout"
```
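Added example, not part of any post in this thread: Keycloak's Admin REST API ends a user's sessions at `/admin/realms/{realm}/users/{id}/logout`, a different route from the `protocol/openid-connect/{userid}/logout` path posted above. The function names, the injected `post` callable and the UUID check are assumptions of this sketch, and the client's service account must be allowed to manage users in the realm.

```python
import re
from urllib.parse import quote

# Assumption: ids of locally stored Keycloak users are UUIDs. Rejecting
# anything else keeps a stored value from altering the request path.
_UUID = re.compile(r"[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}", re.I)


def keycloak_urls(base_url, realm, user_id):
    """Return (token_url, logout_url) for one realm and user.

    base_url is the server root; on legacy installs it ends in /auth.
    """
    if not _UUID.fullmatch(user_id or ""):
        raise ValueError("user id is not a Keycloak UUID")
    base, realm = base_url.rstrip("/"), quote(realm, safe="")
    token_url = f"{base}/realms/{realm}/protocol/openid-connect/token"
    # Session termination is an Admin REST API call, not an OIDC protocol path.
    logout_url = f"{base}/admin/realms/{realm}/users/{user_id}/logout"
    return token_url, logout_url


def logout_user(post, base_url, realm, client_id, client_secret, user_id):
    """End all Keycloak sessions of user_id; `post` is requests.post or a stub.

    Returns True only on HTTP 204, the admin endpoint's success status.
    """
    token_url, logout_url = keycloak_urls(base_url, realm, user_id)
    resp = post(token_url, timeout=10, data={
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
    })
    if resp.status_code != 200:
        return False
    token = resp.json()["access_token"]
    resp = post(logout_url, timeout=10,
                headers={"Authorization": f"Bearer {token}"})
    return resp.status_code == 204
```

Inside an `on_logout` handler, pass `requests.post` as `post` and log a `False` result rather than raising, so a Keycloak outage does not block the local logout.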