59 lines
1.8 KiB
TypeScript
59 lines
1.8 KiB
TypeScript
"use client";
|
|
|
|
import { useEffect } from "react";
|
|
import { signOut, useSession } from "next-auth/react";
|
|
import { clearAuthCookies } from "@/lib/session";
|
|
|
|
export function SignOutHandler() {
|
|
const { data: session } = useSession();
|
|
|
|
useEffect(() => {
|
|
const handleSignOut = async () => {
|
|
try {
|
|
// Get Keycloak issuer from environment
|
|
const keycloakIssuer = process.env.NEXT_PUBLIC_KEYCLOAK_ISSUER;
|
|
const idToken = session?.idToken;
|
|
|
|
// First, sign out from NextAuth (clears NextAuth cookies)
|
|
await signOut({
|
|
callbackUrl: "/signin",
|
|
redirect: false
|
|
});
|
|
|
|
// Clear NextAuth cookies client-side
|
|
clearAuthCookies();
|
|
|
|
// If we have Keycloak ID token and issuer, call Keycloak logout
|
|
if (keycloakIssuer && idToken) {
|
|
const keycloakLogoutUrl = new URL(
|
|
`${keycloakIssuer}/protocol/openid-connect/logout`
|
|
);
|
|
|
|
// Add required parameters
|
|
keycloakLogoutUrl.searchParams.append(
|
|
'post_logout_redirect_uri',
|
|
window.location.origin + '/signin'
|
|
);
|
|
keycloakLogoutUrl.searchParams.append(
|
|
'id_token_hint',
|
|
idToken
|
|
);
|
|
|
|
// Redirect to Keycloak logout (this will clear Keycloak cookies)
|
|
window.location.href = keycloakLogoutUrl.toString();
|
|
} else {
|
|
// Fallback: just redirect to signin if we don't have Keycloak info
|
|
window.location.href = '/signin';
|
|
}
|
|
} catch (error) {
|
|
console.error('Error during sign out:', error);
|
|
// Fallback: redirect to signin on error
|
|
window.location.href = '/signin';
|
|
}
|
|
};
|
|
|
|
handleSignOut();
|
|
}, [session]);
|
|
|
|
return null;
|
|
}
|