Logging out users
A user is treated as logged in as long as the user has an access token for the operation to be executed. To log out the user, the access token must be removed.
You can remove the access token by calling the logout function on the UserClient. The Android SDK will also send a request to the IDAAS-core to remove the access token to ensure the token is invalidated both on the client as server side. If a refresh token is stored on the device, it will remain after the logout action, so it can be used to log in again later.
OneginiClient.getInstance().getUserClient().logout(
new OneginiLogoutHandler() {
@Override
public void onSuccess() {
// Go to home screen
}
@Override
public void onError(final LogoutError error) {
// Handle the error or simply ignore and return to home screen
}
}
);
Example code: to log out a user
@OnClick(R.id.button_logout)
public void logout() {
final OneginiClient oneginiClient = OneginiSDK.getOneginiClient(this);
final UserProfile userProfile = oneginiClient.getUserClient().getAuthenticatedUserProfile();
OneginiSDK.getOneginiClient(this).getUserClient().logout(
new OneginiLogoutHandler() {
@Override
public void onSuccess() {
// Go to login screen
showToast("logoutSuccess");
startLoginActivity();
}
@Override
public void onError(final OneginiLogoutError oneginiLogoutError) {
handleLogoutError(oneginiLogoutError, userProfile);
}
}
);
}
private void handleLogoutError(final OneginiLogoutError oneginiLogoutError, final UserProfile userProfile) {
@OneginiLogoutError.LogoutErrorType final int errorType = oneginiLogoutError.getErrorType();
if (errorType == OneginiLogoutError.DEVICE_DEREGISTERED) {
new DeregistrationUtil(this).onDeviceDeregistered();
} else if (errorType == OneginiLogoutError.USER_DEREGISTERED) {
new DeregistrationUtil(this).onUserDeregistered(userProfile);
}
// other errors don't really require our reaction, but you might consider displaying some message to the user
showToast("Logout error: " + oneginiLogoutError.getMessage());
startLoginActivity();
}
