[FLI-1041] [Bug]: Logout seems broken

[markphelps]

Bug Description

I've noticed this when using OIDC auth with Keycloak, this likely might be broken for other OIDC auth providers as well.

Whenever Im logged in using Keycloak OIDC, and I click logout in the UI, it doesn't actually log me out. Or at least if it does, it quickly re-logs me back in.

mp4 attached:

2024-05-28.16.28.28.mp4

Version Info

Main

Search

• I searched for other open and closed issues before opening this

Steps to Reproduce

1. Setup Keycloak for OIDC
2. Configure Flipt, config below:

authentication:
  required: true
  session:
    domain: localhost
  methods:
    oidc:
      enabled: true
      providers:
        keycloak:
          issuer_url: http://localhost:8080/realms/flipt
          redirect_address: http://localhost:8081
          client_id: flipt
          client_secret: <redacted>

3. Login via Keycloak
4. Try to logout
5. Notice behavior above

Expected Behavior

Log out of Flipt UI, cookies and sessions are cleared. Get returned back to Flipt login screen

Additional Context

This could be due to my change in #3082, as the iss issued from the Keycloak token is:

iss":"http://localhost:8080/realms/flipt"

_FLI-1041

[GeorgeMac]

Perhaps @markphelps we need to await expireAuthSelf():
https://github.com/flipt-io/flipt/pull/3082/files#diff-ec6405e76cd840d6ca99f49eeaa2e747155b209f2776b0ac228f4d319314def5R60
My guess is this is a race on that expire self request being handled by the browser before it navigates away to the issuer.
Prior to that you had the explicit then() promise chain.
We need to have that request be handled by the browser context first, so that the response tells it to clear that specific cookie.