Page is still authenticated after logging out of GitLab

I am using KnpUOAuth2ClientBundle for Symfony 5. When I enter the page, if the user is not logged in, it redirects to the GitLab page, and on authentication it successfully redirects to my homepage, where it stores a cookie.

But after I log out of GitLab and check my homepage, it still works because the cookie is stored.

This seems to be an error. What should I do so that the cookie is cleared when GitLab is logged out?

This is my security.yaml file:

            id: App\Security\UserProvider
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
            anonymous: true
                    - App\Security\GitlabAuthenticator
        - { path: ^/connect, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, roles: ROLE_USER }

I am not sure whether what I am trying to do is correct. Inside GitlabAuthController I have a connectAction method where I am trying to clear the cookie that was set:

  public function connectAction(ClientRegistry $clientRegistry): RedirectResponse
        if ($this->logout()->getStatusCode() === 200) {
            // will redirect to gitlab!
            return $clientRegistry
                ->getClient('gitlab') // key used in config/packages/knpu_oauth2_client.yaml

    public function logout()
    {
        $response = new Response();
        return $response->send();
    }

But with this I am getting an "Invalid state parameter passed in callback URL." error.

Source: Symfony Questions
