IdentityServer4 PostLogoutRedirectUri为空 [英] IdentityServer4 PostLogoutRedirectUri null

问题描述

我正在尝试让IdentityServer4隐式工作.登录和注销工作正常，但是，尽管在需要设置的地方设置了值，但PostLogoutRedirectUri返回null.我想让注销过程在注销完成后重定向回我的应用程序.

I am attempting to get the implicit flow working for IdentityServer4. Login and logout work correctly, however the PostLogoutRedirectUri is coming back null, despite setting the value where it needs to be set. What I would like is for the logout process to redirect back to my application after the logout is complete.

我正确获取了logoutId，并且注销调用BuildLoggedOutViewModelAsync:

I am getting the logoutId correctly, and Logout calls BuildLoggedOutViewModelAsync:

[HttpPost]
    [ValidateAntiForgeryToken]
    public async Task<IActionResult> Logout(LogoutInputModel model)
    {
        var vm = await _account.BuildLoggedOutViewModelAsync(model.LogoutId);
...

此方法位于我的AccountService.cs类中，该类然后调用DefaultIdentityServiceInteractionService的GetLogoutContextAsync:

This method is located in my AccountService.cs class, which then calls the GetLogoutContextAsync of the DefaultIdentityServiceInteractionService:

public async Task<LoggedOutViewModel> BuildLoggedOutViewModelAsync(string logoutId)
    {
        // get context information (client name, post logout redirect URI and iframe for federated signout)
        var logout = await _interaction.GetLogoutContextAsync(logoutId);
...

哪个将创建IdentityServer4.Models.LogoutRequest.

Which creates a IdentityServer4.Models.LogoutRequest.

SignOutIFrameUrl字符串属性设置为"http://localhost:5000/connect/endsession/callback?sid=bf112f7785bc860fcc4351893012622e&logoutId=d6649e7f818d9709b2c0bc659696abdf"，但似乎在LogoutRequest中未填充任何其他内容.

The SignOutIFrameUrl string property is set to "http://localhost:5000/connect/endsession/callback?sid=bf112f7785bc860fcc4351893012622e&logoutId=d6649e7f818d9709b2c0bc659696abdf" but nothing else seems to have been populated in the LogoutRequest.

不幸的是，这意味着PostLogoutRedirectUri为空，而AutomaticRedirectAfterSignOut也为空，并且当加载LoggedOut.cshtml页面时，永远不会加载signout-callback.js文件:

Unfortunately, this means that the PostLogoutRedirectUri is null and the AutomaticRedirectAfterSignOut is also null, and when the LoggedOut.cshtml page is loaded, the signout-callback.js file is never loaded:

@section scripts
{
    @if (Model.AutomaticRedirectAfterSignOut)
    {
        <script src="~/js/signout-redirect.js"></script>
    }
}

这是我的配置设置.

Config.cs:

Config.cs:

public static IEnumerable<Client> GetClients()
    {
        return new List<Client>
        {
            new Client
            {
                ClientId = "implicit.client",
                AllowedGrantTypes = GrantTypes.Implicit,
                AllowAccessTokensViaBrowser = true,
                AllowedScopes = 
                {
                    IdentityServerConstants.StandardScopes.OpenId,
                    IdentityServerConstants.StandardScopes.Profile,
                    "ContractManagerAPI"
                },
                RedirectUris = { "http://localhost:9000/" },
                PostLogoutRedirectUris = { "http://localhost:9000/" },
                AllowedCorsOrigins = { "http://localhost:9000" },
                RequireConsent = false,

            }                
        };
    }

app.ts(js客户端):

app.ts (js client):

import {UserManager} from 'oidc-client';
import { inject, Factory } from 'aurelia-framework';

@inject(Factory.of(UserManager))
export class App {
  userManager: UserManager;

  constructor(userManagerFactory){
    let config = {
      authority: 'http://localhost:5000',
      client_id: 'implicit.client',
      response_type: 'id_token token',
      scope: 'openid profile ContractManagerAPI',
      redirect_uri: 'http://localhost:9000/',
      post_logout_redirect_uri: 'http://localhost:9000/'
    };

    this.userManager = userManagerFactory(config);
  }

  login(){
    this.userManager.signinRedirect();
  }

  logout(){
    this.userManager.signoutRedirect();
  }
}

Startup.cs的相关部分:

Relevant parts of Startup.cs:

services.AddIdentityServer()
                .AddTemporarySigningCredential()
                .AddInMemoryApiResources(Config.GetApiResources())
                .AddInMemoryClients(Config.GetClients())
                .AddInMemoryIdentityResources(Config.GetIdentityResources())
                .AddContractManagerUserStore()
                .AddProfileService<ContractManagerProfileService>();

在找出我要去哪里的问题方面提供的任何帮助将不胜感激.

Any assistance in figuring out where I'm going wrong would be greatly appreciated.

谢谢！

推荐答案

将id_token_hint arg传递给signoutRedirect()

pass id_token_hint arg to signoutRedirect()

您可以从signinRedirect()返回的User对象中获取id_token_hint；

you can get id_token_hint from the User object returned by signinRedirect();

所以可以说您的ts文件中有一个名为"user"的变量，该变量是由于用户通过signinRedirect()登录而设置的.

so lets say you got a variable called "user" in your ts file that got set as a result of the user logging in via signinRedirect().

那你就去做...

logout(){
    this.userManager.signoutRedirect({ 'id_token_hint': this.user.id_token });
}

这篇关于IdentityServer4 PostLogoutRedirectUri为空的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！