owncloud · kulmann · May 14, 2024 · May 7, 2024
diff --git a/changelog/unreleased/bugfix-idp-logout-issues b/changelog/unreleased/bugfix-idp-logout-issues
@@ -0,0 +1,5 @@
+Bugfix: IDP logout issues
+
+Falsely showing the logout page after opening ownCloud Web with an expired token has been fixed.
+
+https://github.com/owncloud/web/pull/10881
diff --git a/packages/web-runtime/src/services/auth/authService.ts b/packages/web-runtime/src/services/auth/authService.ts
@@ -252,14 +252,10 @@ export class AuthService {
       })
     }
     if (isUserContextRequired(this.router, route) || isIdpContextRequired(this.router, route)) {
-      // defines a number of seconds after a token expired.
-      // if that threshold surpasses we assume a regular token expiry instead of an auth error.
-      // as a result, the user will be logged out.
-      const TOKEN_EXPIRY_THRESHOLD = 5
-
       const user = await this.userManager.getUser()
-      if (user?.expires_in && user.expires_in < -TOKEN_EXPIRY_THRESHOLD) {
-        return this.logoutUser()
+      if (user?.expires_in !== undefined && user.expires_in < 0) {
+        // token expired, simply return and let the regular auth flow do its thing
+        return
       }
 
       await this.userManager.removeUser('authError')