Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EA: Link to MAS for sign-out of other devices in MSC3824 OIDC-aware mode #8616

Closed
hughns opened this issue Aug 18, 2023 · 7 comments · Fixed by #8620
Closed

EA: Link to MAS for sign-out of other devices in MSC3824 OIDC-aware mode #8616

hughns opened this issue Aug 18, 2023 · 7 comments · Fixed by #8620
Assignees
@bmarty
Labels
A-Account data T-Enhancement New features, changes in functionality, performance boosts, user-facing improvements

Comments

@hughns
Copy link
Member

hughns commented Aug 18, 2023
edited
Loading

Element Android was previously made "OIDC-aware" (as described by MSC3824).

In the case of OIDC-aware clients, you cannot sign out of other sessions via the device manager in EA anymore. Instead, users will need to be guided towards the MAS UI to take this actions.

MSC3824 now describes this requirement including a format of a deep link structure to pass the device ID: ?action=session_end&device_id=<device_id>
@hughns hughns changed the title Direct to MAS for sign-out in MSC3824 OIDC-aware mode Link to MAS for sign-out in MSC3824 OIDC-aware mode Aug 18, 2023
@hughns hughns changed the title Link to MAS for sign-out in MSC3824 OIDC-aware mode EA: Link to MAS for sign-out in MSC3824 OIDC-aware mode Aug 18, 2023
bmarty added a commit that referenced this issue Aug 22, 2023
@bmarty
OIDC redirect to the web page to delete a session (legacy session man…
12395e9 
…ager) #8616
bmarty added a commit that referenced this issue Aug 22, 2023
@bmarty
Hide multi signout if we have an external account manager (#8616)
8941e63
bmarty added a commit that referenced this issue Aug 22, 2023
@bmarty
OIDC redirect to the web page to delete a session (new session manager)
880ed69 
#8616
@bmarty bmarty mentioned this issue Aug 22, 2023
Merged
15 tasks
@bmarty bmarty self-assigned this Aug 22, 2023
@pmaier1
Copy link

pmaier1 commented Aug 25, 2023
edited
Loading

  • We should add wording to let the user understand what's happening: "You will be redirected to your server's authentication provider to complete sign out."
  • If the server doesn't advertise an account management URL, the client should show a message saying that the functionality is currently unavailable and the user should contact the administrator.

@julioromano julioromano added T-Enhancement New features, changes in functionality, performance boosts, user-facing improvements A-Account data labels Aug 28, 2023
@pmaier1
Copy link

pmaier1 commented Aug 28, 2023

This is how iOS implements it element-hq/element-ios#7658

@pmaier1
Copy link

pmaier1 commented Sep 14, 2023

@bmarty from testing, we've found that there is no prompt to let the user know what's actually happening, ref. #8616 (comment). Can you check?

@pmaier1 pmaier1 reopened this Sep 14, 2023
@hughns hughns changed the title EA: Link to MAS for sign-out in MSC3824 OIDC-aware mode EA: Link to MAS for sign-out of other devices in MSC3824 OIDC-aware mode Sep 14, 2023
@hughns
Copy link
Member Author

hughns commented Sep 14, 2023

I also did #8645 to change the browser used.

@manuroe manuroe closed this as completed Sep 15, 2023
@pmaier1
Copy link

pmaier1 commented Sep 15, 2023

@manuroe Can you link the PR that solves #8616 (comment), please?

@pmaier1 pmaier1 reopened this Sep 15, 2023
@bmarty bmarty mentioned this issue Sep 15, 2023
Open
@bmarty
Copy link
Member

bmarty commented Sep 15, 2023

@manuroe Can you link the PR that solves #8616 (comment), please?

This has not been done. I have created #8647 to handle it.

@hughns
Copy link
Member Author

hughns commented Sep 25, 2023

I'm closing this issue as #8647 has the remaining work

@hughns hughns closed this as completed Sep 25, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bmarty bmarty

Labels
A-Account data T-Enhancement New features, changes in functionality, performance boosts, user-facing improvements
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Feature/bma/OIDC session end element-hq/element-android
5 participants
@julioromano @bmarty @hughns @manuroe @pmaier1