Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Offline logout
Search
Igor Wojda
March 26, 2018
Technology
360
2
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
Offline logout
Interesting logout use case.
Igor Wojda
March 26, 2018
More Decks by Igor Wojda
See All by Igor Wojda
Harmonizing Kotlin codebase with Konsist
igorwojda
2
260
Droidcon 2020. Why We Need Clean Architecture
igorwojda
4
1.7k
Modern, maintainable and coRRRect project
igorwojda
0
190
Why do we need Clean Architecture
igorwojda
23
8.9k
Other Decks in Technology
See All in Technology
Tech-Verse 2026_Keynote
lycorptech_jp
PRO
0
130
5分でわかる Amazon Connect_20260608
hwangbyeonghun
0
180
AWS Summit 2026で見えたSIerにとっての Amazon Quickの位置づけ
maf_0521
0
160
ゼロをイチにする仕事が終わったあと
smasato
0
280
AIで政治は変わるのか? — 中高生と考えたAI時代の民主主義(東海高校サタデープログラム)
eitarosuda
0
380
Keeping applications secure by evolving OAuth 2.0 and OpenID Connect
ahus1
PRO
1
140
AIに障害切り分けを全部やってもらった。 。 。 。
estie
0
350
Claude Codeとハーネスについて考えてみる
oikon48
17
8.2k
認証認可だけじゃない! ID管理の構成要素と ライフサイクルを意識しよう
ritou
1
470
打造你的 AI 工作流:Agent Skill + MCP 實戰工作坊
appleboy
0
530
美しいコードを書くためにF#を学んでみた話
yud0uhu
1
160
AWS Summit Japan 2026の振り返りと2027へ向けて / AWS Summit Japan 2026 Recap and Prospects for 2027
kaminashi
1
190
Featured
See All Featured
Tell your own story through comics
letsgokoyo
1
980
B2B Lead Gen: Tactics, Traps & Triumph
marketingsoph
0
170
Bioeconomy Workshop: Dr. Julius Ecuru, Opportunities for a Bioeconomy in West Africa
akademiya2063
PRO
1
170
Stewardship and Sustainability of Urban and Community Forests
pwiseman
0
240
How to build an LLM SEO readiness audit: a practical framework
nmsamuel
1
800
Design in an AI World
tapps
1
260
Code Review Best Practice
trishagee
74
20k
The #1 spot is gone: here's how to win anyway
tamaranovitovic
3
1.1k
Jamie Indigo - Trashchat’s Guide to Black Boxes: Technical SEO Tactics for LLMs
techseoconnect
PRO
0
250
The Curious Case for Waylosing
cassininazir
1
420
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
194
17k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
31
2.8k
Transcript
Solving offline logout By Igor Wojda @igorwojda
Not so long long time ago...
Username & password Login request Other request Other request
Why this is not very secure?
Username & password
Solution?
Token 209eb9bb-2f6c-40d6-a9b9-912257492b61
Token
Token Renewal Timeout
Token per client
Token invalidate
Online Logout
Online logout Logout Request Additional operations
Offline Logout
Offline logout Logout Request X No network
Option 1 – delete device token instantly Logout Request X
No network
Option 2 – delete device token device when online Logout
Request X No network
Logout user latter using the token Remove token instantly Goals
Solution?
Token Logout token Authentication token
Token Press logout Is online? Delete authentication token Logout (hit
logout endpoint sending logout token) Job scheduler runs logout job Invalidate both tokens Unregister device from receiving notifications NO Schedule logout Job YES Is online? YES
• https://android.jlelse.eu/solving -offline-logout-problem- f3b50da49e7eTable salt • https://www.owasp.org/index.p hp/Session_Management_Cheat _Sheet#Session_Expiration •
https://security.stackexchange. com/questions/29988/what-is- certificate-pinning Materials Worth reading
Thanks! ANY QUESTIONS? You can find me at @igorwojda
[email protected]