Google-api-javascript-client: GoogleAuth.signOut() does not sign out from Google

Created on 12 Apr 2018  路  11Comments  路  Source: google/google-api-javascript-client

I am able to use "Login with Google" successfully and now trying to implement Logout from Google using below standard Google javascript SDK for logout. It executes without any error and displays "User signed out" but does not logout user from gmail (or any google signed in in another tab ). How to logout a user from Google itself?


Most helpful comment

I have the same issue. Try this solution, it works at my project:
var auth2 = gapi.auth2.getAuthInstance();
auth2.signOut().then(function () {
});
auth2.disconnect();

All 11 comments

From the documentation: https://developers.google.com/identity/sign-in/web/sign-in#sign_out_a_user, the signOut() method enables users to sign out of your app without signing out of Google.

From Google's point of view, a third party app should not force Google to clear its session. End user can do that on google.com if he likes.

Close this issue, since it works as intended.

@kongguibin but facebook has an opposite view right? from their point of view, an app should leave them the way they are prior to logging into the third party app

I have the same issue. Try this solution, it works at my project:
var auth2 = gapi.auth2.getAuthInstance();
auth2.signOut().then(function () {
});
auth2.disconnect();

Didn't work for me @hostbrook , after hours of searching I realized that all Oauth services don't log off from their respective platforms on signOut. It's upto the user to log off from the platform they logged-in from. Try doing it on an incognito, say Google OAuth, Even after signing out, open a new tab and check out gmail.com or something, you'd still be logged in.

This unfortunately is the standard behaviour on any OAuth

I have the same problem. Maybe I don't understand the issue but here is my situation. I have an app the user logs in. Now I want the user to logout and a have another (different) user log in. This does not work.
The first users is always logged in. It kinda works in incognito and FF. What would happen if the a user runs the app from a public library computer.

@mastronardif it rests on the user to go to the platform website and safely log off. OAuth logins aren't safe/meant for public computers. They're there so the users can skip the hassle of filling up pages of sign up forms.

Logging off from the parent app won't logoff the user from the platform itself. I've spent days and nights about this behaviour thinking it was a bug on my side. Not to worry, it's a default behavior. To protect your users and keep them informed, maybe you can add a note saying they should log off from their respective platforms once they're done using the app if its a public computer. It definitely is a huge risk and I'm surprised the OAuth standard didn't consider this.

Hello
I have the same issue. I've implemented Google Sign In SDK and I'm using [[GIDSignIn sharedInstance]signout]; to log a user out. It is bound to a button. My question is, why is there even a GIDSignIn signout if it doesn't sign the user out of Google?

I have the same issue. Try this solution, it works at my project:
var auth2 = gapi.auth2.getAuthInstance();
auth2.signOut().then(function () {
});
auth2.disconnect();

Probably you don't want to use disconnect
1) It revokes all the permissions. So the user will need to grant them again.
2) It deletes all the user settings associated with your site. E.G. https://developers.google.com/drive/api/v3/appdata

The only reason gapi.auth2.getAuthInstance().signOut() exists is to allow to switch between users:
image

To be honest, I don't understand why not to like this feature. Google takes all the authorization fuss and puts it in a single place. Why isn't it cool?

Anyway, disconnect() isn't a workaround. The best thing you can do about this issue is to educate the user with something like that:

Privacy note!
It seems you just signed out from example.com.
If other people have access to this browser
AND you don't want them to read your data:

  1. sign out globally: https://accounts.google.com/Logout
  2. delete Google account password from the browser

The only reason gapi.auth2.getAuthInstance().signOut() exists is to allow to switch between users:

This is precisely what I was trying to use signOut() for, and for me, it is not working (googling led me to this page).

It does someting, because next time on sign-in, the google flow redirects a couple more times. But it does not allow me to switch accounts. It just automatically logs into the account I chose the first time around. I only ever see that "Choose an account" screen once, until I clear all cache and cookies (which _does_ sign me out of my Google account, btw)

Why? how do I make it work?

Edit: I found I had to force account-selection by passing options to signIn():

gapi.auth2.getAuthInstance().signIn({
    prompt: 'select_account'
});

gapi.auth2.getAuthInstance().signOut() might work 'as designed', but it does not work 'as expected'. If it works as designed then why provide a sample that clearly illustrates 'works as expected', although it doesn't work.
See:
https://github.com/google/google-api-javascript-client/blob/master/samples/authSample.html
This code does not work.
signOut() is called, does not return an error, does not sign out, and does not call the listener, updateSigninStatus(). The only way to reset the signIn is by going to a google page and signing out.
Unless you want developers to chase their tails trying to figure out what's wrong, or write bug reports, I suggest you remove the sample code, or annotate it, or fix it so that it does work. I notice that it has a 2011 copyright--maybe it worked correctly back then?

Was this page helpful?
0 / 5 - 0 ratings