The class is really fine, it's working perfectly fine but I found an issue with the single sign on process using oauth. When any user authenticates himself/herself using any provider e.g. google or facebook, they are also logged in to the provider at the same time. If you open the gmail or facebook in a new tab in the same browser, it will take you to the home page. Do you think you should provide a logout handler function which will also signout the user from the provider site i.e., if i am logged in using google and call the logout handler then it should log me out from google too.
|2012-12-20 01:26:59 - In reply to message 1 from brijendra singh|
|As far as I know, the OAuth protocol does not provide support for what you want.|
Tokens are granted to let your application access the server API even when the user is not present.
If your application wants to stop using the granted token, there is a standard way to revoke a token in OAuth 2.0, but that does not make the user be logged off from the provider.