Prevent automatic oauth login after logout (#1362)

Add prompt=consent/login to display oauth consent page on login. --------- Co-authored-by: Mathijs de Bruin <[email protected]>
Chainlit · Oct 2, 2024 · 11664b3 · 11664b3
1 parent 1d3ffd4
commit 11664b3
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 0 deletions.
diff --git a/backend/chainlit/oauth_providers.py b/backend/chainlit/oauth_providers.py
@@ -37,6 +37,7 @@ def __init__(self):
         self.client_secret = os.environ.get("OAUTH_GITHUB_CLIENT_SECRET")
         self.authorize_params = {
             "scope": "user:email",
+            "prompt": "consent",
         }
 
     async def get_token(self, code: str, url: str):
@@ -95,6 +96,7 @@ def __init__(self):
             "scope": "https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email",
             "response_type": "code",
             "access_type": "offline",
+            "prompt": "login",
         }
 
     async def get_token(self, code: str, url: str):
@@ -162,6 +164,7 @@ def __init__(self):
             "response_type": "code",
             "scope": "https://graph.microsoft.com/User.Read",
             "response_mode": "query",
+            "prompt": "login",
         }
 
     async def get_token(self, code: str, url: str):
@@ -246,6 +249,7 @@ def __init__(self):
             "scope": "https://graph.microsoft.com/User.Read https://graph.microsoft.com/openid",
             "response_mode": "form_post",
             "nonce": nonce,
+            "prompt": "login",
         }
 
     async def get_token(self, code: str, url: str):
@@ -325,6 +329,7 @@ def __init__(self):
             "response_type": "code",
             "scope": "openid profile email",
             "response_mode": "query",
+            "prompt": "login",
         }
 
     def get_authorization_server_path(self):
@@ -396,6 +401,7 @@ def __init__(self):
             "response_type": "code",
             "scope": "openid profile email",
             "audience": f"{self.original_domain}/userinfo",
+            "prompt": "login",
         }
 
     async def get_token(self, code: str, url: str):
@@ -453,6 +459,7 @@ def __init__(self):
             "response_type": "code",
             "scope": "openid profile email",
             "audience": f"{self.domain}/userinfo",
+            "prompt": "login",
         }
 
     async def get_token(self, code: str, url: str):
@@ -511,6 +518,7 @@ def __init__(self):
             "response_type": "code",
             "client_id": self.client_id,
             "scope": "openid profile email",
+            "prompt": "login",
         }
 
     async def get_token(self, code: str, url: str):
@@ -579,6 +587,7 @@ def __init__(self):
         self.authorize_params = {
             "scope": "openid profile email",
             "response_type": "code",
+            "prompt": "login",
         }
 
     async def get_token(self, code: str, url: str):

diff --git a/frontend/src/components/molecules/auth/AuthLogin.tsx b/frontend/src/components/molecules/auth/AuthLogin.tsx
@@ -75,6 +75,7 @@ const AuthLogin = ({
     setErrorState(undefined);
     formik.resetForm();
   }, [showSignIn]);
+
   useEffect(() => {
     setErrorState(error);
   }, [error]);