Giters

asgardeo / asgardeo-auth-react-sdk

To maintain the implementation of Asgardeo React authentication SDK

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Trailing `/` on `signOutRedirectURL` breaks the application

SkNuwanTissera opened this issue · comments

commented

Describe the issue:

I configured Asgardeo IDP to a react application. I wanted to redirect back to http://localhost:3000 after the user logs out. I mistakenly put http://localhost:3000/ as the signOutRedirectURL and it results in a page like below when the user logs out.
Screenshot 2022-11-15 at 22 35 13

When I remove the /, it worked fine. But ideally (IMO) this shouldn't be validated.

How to reproduce:

Expected behavior:

Environment information (Please complete the following information; remove any unnecessary fields) :

  • Product Version: [e.g., IS 5.10.0, IS 5.9.0]
  • OS: [e.g., Windows, Linux, Mac]
  • Database: [e.g., MySQL, H2]
  • Userstore: [e.g., LDAP, JDBC]

Optional Fields

Related issues:

Suggested labels:

commented

Hi Nuwan,

The redirect URI specified in the authentication flow should be exactly similar to the redirect URI/s registered in the Asgardeo application, for security reasons. Hence this behaviour is expected.