从Identity Server 4注销不能从客户端注销 [英] Logging out from Identity Server 4 won't log out from Client
本文介绍了从Identity Server 4注销不能从客户端注销的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我遇到与https://github.com/IdentityServer/IdentityServer4/issues/3153类似的问题
我使用的是Asp Net Identity和EF Core的组合示例,一切正常工作,数据库、种子、API调用,但当我尝试从IS页面注销时除外。它不会删除使用户登录到客户端的.AspNetCore.Cookies
。
[HttpPost]
[ValidateAntiForgeryToken]
public async Task<IActionResult> Logout(LogoutInputModel model)
{
// build a model so the logged out page knows what to display
var vm = await BuildLoggedOutViewModelAsync(model.LogoutId);
if (User?.Identity.IsAuthenticated == true)
{
_log.LogCustomInfo(LoggingType.Information, "<AUDIT>" + "Logout: User Is Authenticated" + "</AUDIT>");
try
{
await _signInManager.SignOutAsync();
await HttpContext.SignOutAsync(IdentityConstants.ApplicationScheme);
await HttpContext.SignOutAsync(IdentityConstants.ExternalScheme);
// raise the logout event
await _events.RaiseAsync(new UserLogoutSuccessEvent(User.GetSubjectId(), User.GetDisplayName()));
}
catch (NotSupportedException)
{
_log.LogCustomInfo(LoggingType.Information, "<AUDIT>" + "Logout: SignOutAsync Not Supported" + "</AUDIT>");
}
}
/* https://github.com/IdentityServer/IdentityServer4/issues/855 */
// check if we need to trigger sign-out at an upstream identity provider
// delete local authentication cookie
Response.Cookies.Delete(".AspNetCore.Identity.Application");
Response.Cookies.Delete("idserv.external");
Response.Cookies.Delete("idserv.session");
_log.LogCustomInfo(LoggingType.Information, "<AUDIT>" + "Logout: Trigger external signout " + vm.TriggerExternalSignout + "</AUDIT>");
if (vm.TriggerExternalSignout)
{
// build a return URL so the upstream provider will redirect back
// to us after the user has logged out. this allows us to then
// complete our single sign-out processing.
string url = Url.Action("Logout", new { logoutId = vm.LogoutId });
//url = _configuration["AppSettings:PostLogoutRedirectUri"];
url = vm.PostLogoutRedirectUri;
//url = "redirect.html";
// this triggers a redirect to the external provider for sign-out
_log.LogCustomInfo(LoggingType.Information, "<AUDIT>" + "Logout: Redirect to " + url + "</AUDIT>");
return SignOut(new AuthenticationProperties { RedirectUri = url }, vm.ExternalAuthenticationScheme);
}
return View("LoggedOut", vm);
}
我在ANGLE客户端和MVC应用程序中遇到了相同的问题。
如果我手动删除.AspNetCore.Identity.Application
,则客户端将注销。我正在使用keycloak
进行身份验证,并使用
options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
options.SignOutScheme = IdentityServerConstants.SignoutScheme;
启动中包含配置选项。
推荐答案
我能够通过手动删除应用程序Cookie注销。一开始我在删除它时遇到了问题,因为我没有指定应用程序路径。指定Cookie路径后,我可以删除该Cookie。
Response.Cookies.Delete(".AspNetCore.Identity.Application", new CookieOptions()
{
Path = "/eds-daas"
});
这篇关于从Identity Server 4注销不能从客户端注销的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文