@andi At this point I am not even messing with the webhook. I am just trying to get the basic logout functionality to work correctly.
So digging around some more I realized I am using your OAuthManager (from your oauth plugin) as part of my plugin. In the OAuthManager class you have:
public function continueFlow()
{
return $this->loginByService() or
$this->loginBySession() or
$this->loginByCookie();
}
I have tried removing the loginByCookie
, and it still lets me (automatically) log in when I click on my LOGIN With OAUTH button , but if I remove the loginBySession
it does not let me log in at all.
Another thing I noticed is when I am logged in with a user using oauth, and I click on LOGOUT, it returns me to the login page, but it retains the current session_id()
and the data in $_SESSION[DOKU_COOKIE]
. I would assume on logout those would both be destroyed. I tried adding session_destroy()
after you unset your $_SESSION[DOKU_COOKIE]
in auth_logoff
but that prevented me from logging in at all for some reason.
All that to say, can you think of anywhere in your oauth code that is storing oauth data for a user in a cookie or a session, or somewhere else?
Here is my current process.. (with $this->loginByCookie() removed)
- Login user using Oauth. It takes me to outside site to login with my credentials. Returns me to Dokuwiki logged in.
- Click on LOGOUT button
- Get returned to login page, but session_id and $_SESSION[DOKU_COOKIE] data remains the same
- Clear out local session data using browser extension to delete them
- Clear out users record from users.auth.php
- refresh login page to see that session_id has changed and $_SESSION[DOKU_COOKIE] data has been cleared.
- Click on LOGIN WITH OAUTH button
- Automatically logs me in and populates $_SESSION[DOKU_COOKIE]
My expected behavior is that when I click on LOGIN WITH OAUTH in step 7, it would take me to the actual site for logging in like it did in step 1.
Also of note...after step one, if I refresh the page, it takes me back to the login page and says I am logged out.
If I add $this->loginByCookie(), everything works as far as keeping me logged in.
And to your last point in your last response, unfortunately I dont have the option for break points. I dont have an IDE to use, I am having to do all of this through a terminal which just makes everything harder.
Anyway, I am hoping there is something in all of these ramblings that might spark an idea in you of what might be happening. Thanks.