7

Is it possible to clear browsing data, cookies, active logins, etc. behind the scenes(programatically) on chrome custom tabs?

My goal is to have the user be prompted to login every time they open the custom tab (instead of being logged in automatically)

schwartzdotwork
  • 113
  • 1
  • 16
  • Hi Brian, although its old. Could you please share if you remember, how did you solve the problem? I am stuck on that issue. – Sazzad Hissain Khan Jul 13 '19 at 08:36
  • If user has to login every time in each tab, then what about the sessions in old tabs? Will all tabs have same session or previously opened tab session will be expired? – khush Apr 12 '21 at 09:32

2 Answers2

6

Shared cookie jar and permissions model so users don't have to log in to sites they are already connected to, or re-grant permissions they have already granted.

Chrome Custom Tabs is the Chrome browser (via the Chrome service and custom Intents) and thus the cache, cookies, etc.. are shared (actually the same).

The answer is no, you can not programmatically clear the data of Chrome.

Note: Right now there is no support of creating an Incognito-based Custom Tab

I would issue the user a transient/session cookie so it does not get persisted if you wish to forced a re-login on the start of every new session.

SushiHangover
  • 73,120
  • 10
  • 106
  • 165
  • 2
    can you please elaborate how to force re-login on start of every new session? I'm stuck with the same problem. – Onkar Nene Nov 09 '17 at 11:33
  • @RoyMiller If you control the Auth2 process, use session-based cookies – SushiHangover Nov 10 '17 at 01:40
  • @SushiHangover how can I configure session-based cookie in CCT? – Sazzad Hissain Khan Jul 13 '19 at 08:36
  • @SazzadHissainKhan You do not configure cookies in CCT, just send a "session" cookie from your server (i.e. one with its expiration set to zero, DateTime.MinValue in C#, etc...) – SushiHangover Jul 13 '19 at 13:59
  • @SushiHangover it would be great if i get any reference or code snippets. Thanks. – Sazzad Hissain Khan Jul 13 '19 at 17:00
  • In my case i am proceeding login to a third party server and when i log out from app I need to log out from that server as well but I cannot control third party server so on the next login trial it automatically getting logged in without showing login page because cookies are in chrome and I cannot clear it as you said. This is a very crucial situation. – Sazzad Hissain Khan Jul 13 '19 at 17:04
  • 2
    @SazzadHissainKhan You would need to allow that 3rd party server to logout the user in order for it to clear/reset the cookies that they own...since I do not know what service you are using, you would need to consult their rest/web/javascript/... API to determine what their logout url/query string is. – SushiHangover Jul 13 '19 at 17:15
  • I got it. Thanks a lot. SushiHangover. – Sazzad Hissain Khan Jul 13 '19 at 17:30
5

"My goal is to have the user be prompted to login every time they open the custom tab (instead of being logged in automatically)"

As of now July 2020, on appauth's request builder you can use the method setPrompt(AuthorizationRequest.Prompt.LOGIN)

This will prompt the user to login every time.

If this method isn't provided and let's say there is some persistence needed (to log the user in automatically after they have logged in). If the server issues cookies to do this Currently it is a challenge to log the user out using an endpoint

Chief
  • 854
  • 12
  • 27