fix: logout URI needs idToken

okta · Apr 20, 2021 · 6842f2a · 6842f2a
1 parent 9a5ac3d
commit 6842f2a
Show file tree

Hide file tree

Showing 4 changed files with 14 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -41,7 +41,8 @@ This library uses semantic versioning and follows Okta's [library version policy
 
 | Version   | Status                           |
 | -------   | -------------------------------- |
-| `4.x`     | :heavy_check_mark: Stable        |
+| `5.x`     | :heavy_check_mark: Stable        |
+| `4.x`     | :warning: Retiring on 2022-01-30 |
 | `3.x`     | :warning: Retiring on 2021-05-30 |
 | `2.x`     | :x: Retired                      |
 | `1.x`     | :x: Retired                      |
@@ -56,6 +57,8 @@ If you run into problems using the SDK, you can:
 * Ask questions on the [Okta Developer Forums][devforum]
 * Post [issues][github-issues] here on GitHub (for code errors)
 
+Users migrating from version 4.x of this SDK should see [Migrating from 4.x](#migrating-from-previous-versions) to learn what changes are necessary.
+
 ### Browser compatibility / polyfill
 
 This SDK is known to work with current versions of Chrome, Firefox, and Safari on desktop and mobile.
@@ -2711,6 +2714,10 @@ We have implemented a small SPA app, located at `./test/app/` which is used inte
 
 The [CHANGELOG](CHANGELOG.md) contains details for all changes and links to the original PR.
 
+### From 4.x to 5.x
+
+* Token auto renew requires [running OktaAuth as a service](#running-as-a-service). To start the service, call [start()](#start).
+
 ### From 3.x to 4.x
 
 * Now using named exports. You should change code like

diff --git a/lib/OktaAuth.ts b/lib/OktaAuth.ts
@@ -430,6 +430,10 @@ class OktaAuth implements SigninAPI, SignoutAPI {
       accessToken = this.tokenManager.getTokensSync().accessToken as AccessToken;
     }
 
+    if (!options.idToken) {
+      options.idToken = this.tokenManager.getTokensSync().idToken as IDToken;
+    }
+
     // Clear all local tokens
     this.tokenManager.clear();
 

diff --git a/scripts/e2e-oie.sh b/scripts/e2e-oie.sh
diff --git a/test/spec/OktaAuth/browser.ts b/test/spec/OktaAuth/browser.ts
@@ -322,7 +322,7 @@ describe('OktaAuth (browser)', function() {
         spyOn(auth, 'closeSession').and.returnValue(Promise.resolve());
         return auth.signOut()
           .then(function() {
-            expect(auth.tokenManager.getTokensSync).toHaveBeenCalledTimes(3);
+            expect(auth.tokenManager.getTokensSync).toHaveBeenCalledTimes(4);
             expect(auth.revokeAccessToken).toHaveBeenCalledWith(accessToken);
             expect(auth.tokenManager.clear).toHaveBeenCalled();
             expect(auth.closeSession).toHaveBeenCalled();
@@ -335,7 +335,7 @@ describe('OktaAuth (browser)', function() {
         global.window.location.href = origin;
         return auth.signOut()
           .then(function() {
-            expect(auth.tokenManager.getTokensSync).toHaveBeenCalledTimes(3);
+            expect(auth.tokenManager.getTokensSync).toHaveBeenCalledTimes(4);
             expect(auth.revokeAccessToken).toHaveBeenCalledWith(accessToken);
             expect(auth.tokenManager.clear).toHaveBeenCalled();
             expect(auth.closeSession).toHaveBeenCalled();