Automatically re-authenticate on single-logout (#28723)

Automatically forces the user to re-authenticate from the Admin and Account consoles when a single-logout occurs.

Closes #23832
Closes #23833

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Signed-off-by: Jon Koops <jonkoops@gmail.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>

js/apps/account-ui/src/root/KeycloakContext.tsx

@@ -42,12 +42,17 @@ export const KeycloakProvider = ({
   const [init, setInit] = useState(false);
   const [error, setError] = useState<unknown>();
   const keycloak = useMemo(
-    () =>
+    () => {
-      new Keycloak({
+      const keycloak = new Keycloak({
         url: environment.authUrl,
         realm: environment.realm,
         clientId: environment.clientId,
-      }),
+      });
+
+      keycloak.onAuthLogout = () => keycloak.login();
+
+      return keycloak;
+    },
     [environment],
   );
 
@@ -57,13 +62,11 @@ export const KeycloakProvider = ({
       return;
     }
 
-    const init = () => {
+    const init = () => keycloak.init({
-      return keycloak.init({
+      onLoad: "check-sso",
-        onLoad: "check-sso",
+      pkceMethod: "S256",
-        pkceMethod: "S256",
+      responseMode: "query",
-        responseMode: "query",
+    });
-      });
-    };
 
     init()
       .then(() => setInit(true))

js/apps/admin-ui/src/keycloak.ts

@@ -8,6 +8,8 @@ export const keycloak = new Keycloak({
   clientId: environment.clientId,
 });
 
+keycloak.onAuthLogout = () => keycloak.login();
+
 export async function initKeycloak() {
   const authenticated = await keycloak.init({
     onLoad: "check-sso",