使用oauth从外部登录服务(Gmail，facebook)注销 [英] Logout from external login service (Gmail, facebook) using oauth

问题描述

我有一个ASP.NET MVC 4应用程序，该应用程序允许用户使用外部服务(如Gmail)登录.

I have an ASP.NET MVC 4 application that allows users to login with external service like Gmail.

到目前为止，用户可以登录并在应用程序内部导航.但是问题出在注销中.我有一个用于注销该请求的按钮，该请求调用我的AccountController内部的控制器操作LogOff().在该方法中，如果通过oauth对用户进行身份验证，如何注销?

So far, the user is able to login and navigate inside the application. But The problem is in logout. I have a button to logout that request call the controller action LogOff() inside my AccountController. Inside that method, how can I logout if the user is authenticated via oauth?

使用本地帐户，我使用:

With a local account, I use:

public ActionResult LogOff()
        {
            WebSecurity.Logout();
            return RedirectToAction("Login", "Account");
        }

但是使用oauth时，我看不到任何类似的东西... 我想我需要清除某种Cookie，但我不知道如何...

But with oauth I don't see anything similar... I think I need to clear some kind of cookie but I don't know how...

推荐答案

基于此，我实现了以下客户端端解决方案(我之前曾问过用户是否也要在提供程序中注销):

Based on this, I implemented the following client-side solution (I'm asking previously if the user want to logout also in the provider):

//get accountType, accessToken, redirectUrl and clientID
var accountType = ...;
var accessToken = ...;
var redirectUrl = ...;
var clientID = ...;
$("#logoutConfirmButton").on('click', function () {
    externalLogout();
});

function externalLogout() {
    var url, params;
    if (accountType== "facebook") {
        url = "https://www.facebook.com/logout.php";
        params = {
            next: redirectUrl,
            access_token: encodeURIComponent(accessToken)
        };
        performCallLogout(url, params, accountType);
    } else if (accountType== "google") {
        url = "https://www.google.com/accounts/Logout?continue=https://appengine.google.com/_ah/logout";
        params = {
            next: redirectUrl
        }
        performCallLogout(url, params, accountType);
    } else if (accountType == "microsoft") {
        url = "https://login.live.com/oauth20_logout.srf";
        params = {
            clientId: clientID,
            redirectUrl: redirectUrl
        }
        performCallLogout(url, params, accountType);
    }
}

function performCallLogout(url, params, accountType) {
    if (accountType == "facebook") {
        window.location.href = url + "?next=" + params.next + "&access_token=" + params.access_token;
    } else if (accountType == "google") {
        window.location.href = url + "?continue=" + params.next;
    } else if (accountType == "microsoft") {
        window.location.href = url + "?client_id=" + params.clientId + "&redirect_url=" + params.redirectUrl;
    }
}

希望这对某人有所帮助.

Hope this help someone.

这篇关于使用oauth从外部登录服务(Gmail，facebook)注销的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！