locked
[U8.1]WebAuthenticationBroker - clearing cookies when using ApplicationCallbackUri RRS feed

  • Question

  • Related to this thread: https://social.msdn.microsoft.com/forums/windowsapps/en-us/d5c0a501-16c9-4862-91af-3247ad091acf/clear-authenticationbroker-cookies

    This is a major pain and just a huge architectural miss in my opinion.

    I understand that when using the ApplicationCallbackUri you are given a separate container so that the cookies stored in that container give you SSO. All that is great but then how does the user logout??? Somebody answered in the other thread that the service will need to remove the cookies... that's not possible at all. Here I'm using feedly oAuth in my app and trying to implement ApplicationCallbackUri as the oAuth redirect url. Everything works but then I am stuck with the user id that I used to sign-in initially. To logout, I am actually calling feedly's API to logout and they are in fact clearing the necessary cookies but guess what since the logout call isn't a part of webauthenticationbroker it doesn't effect the exclusive container that it uses for SSO. So even though, the app is logged out the authentication broker still thinks it;s logged in and there is NO WAY to clear that.

    Is there a plan to fix this in Windows 10?


    Tuesday, June 23, 2015 12:07 AM

Answers