Beispiel #1
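        /// <summary>
        /// Signs the current user out. When OpenID Connect settings are configured, the
        /// OpenID Connect and cookie authentication types are signed out through OWIN;
        /// otherwise the local application cookie is signed out and the user is sent to
        /// the site root.
        /// </summary>
        /// <returns>
        /// An <see cref="EmptyResult"/> on the OpenID Connect path, or a redirect to "~/"
        /// on the local path.
        /// </returns>
        /// <remarks>
        /// NOTE(review): no action attributes are visible on this listing. If the action is
        /// reachable by a plain GET without an anti-forgery check, a third-party page can
        /// force a logout; confirm how the route is protected.
        /// </remarks>
        public ActionResult LogOff()
        {
            var openIdSettings = OpenIdSettings;

            if (!String.IsNullOrEmpty(openIdSettings))
            {
                var config = OpenIdConfig.FromString(openIdSettings);

                // Abandon the server-side session on federated logout too. The local branch
                // below already does this; without it, session state written for the
                // signed-out user stays attached to the browser's session id.
                if (Session != null)
                {
                    Session.Abandon();
                }

                // The post-sign-out target is taken from configuration (config.redirectUri),
                // not from request input, in this method.
                HttpContext.GetOwinContext().Authentication.SignOut(
                    new AuthenticationProperties { RedirectUri = config.redirectUri },
                    OpenIdConnectAuthenticationDefaults.AuthenticationType,
                    CookieAuthenticationDefaults.AuthenticationType);

                // No MVC result body is produced here; presumably the OWIN middleware
                // rewrites the response into the sign-out redirect — confirm.
                return(new EmptyResult());
            }

            // Local (non-federated) logout: drop the auth cookie, the session and every
            // other cookie, then re-issue only the locale cookie so the UI language survives.
            AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
            Session.Abandon();
            ClearAllCookies();
            Response.Cookies.Add(new HttpCookie(LOCALE_COOKIE, _userLocale.Locale));
            return(Redirect("~/"));
        }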
Beispiel #2
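        /// <summary>
        /// Registers cookie authentication and OpenID Connect authentication on the OWIN
        /// pipeline, and maps each validated OpenID Connect identity onto a local
        /// <c>AppUser</c>, creating the account on first sign-in.
        /// </summary>
        /// <param name="app">OWIN application builder the middleware is added to.</param>
        /// <param name="strConfig">Serialized settings parsed by <c>OpenIdConfig.FromString</c>.</param>
        /// <remarks>
        /// Local accounts are looked up by the <c>preferred_username</c> claim. That claim is
        /// display-oriented and can change at the identity provider, so a token carrying a
        /// given value is linked to whichever local account already has that user name.
        /// NOTE(review): consider keying the link on the provider's stable subject
        /// identifier (kept below as "OpenIdIdentifier") instead.
        /// </remarks>
        private static void ConfigureOpenApiAuth(IAppBuilder app, String strConfig)
        {
            app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
            app.UseCookieAuthentication(new CookieAuthenticationOptions());

            const string NameIdentifierClaimType =
                "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier";

            var openIdConfig = OpenIdConfig.FromString(strConfig);
            var opts         = new OpenIdConnectAuthenticationOptions()
            {
                ClientId              = openIdConfig.clientId,
                Authority             = openIdConfig.aadInstance + openIdConfig.tenantId + "/v2.0",
                PostLogoutRedirectUri = openIdConfig.redirectUri,
                RedirectUri           = openIdConfig.redirectUri,
                Scope         = OpenIdConnectScope.OpenIdProfile,
                ResponseType  = OpenIdConnectResponseType.CodeIdToken,
                Notifications = new OpenIdConnectAuthenticationNotifications()
                {
                    // The handlers that only return a completed task are no-op placeholders.
                    RedirectToIdentityProvider = context => Task.FromResult(0),
                    MessageReceived            = context => Task.FromResult(0),
                    SecurityTokenReceived      = context => Task.FromResult(0),
                    SecurityTokenValidated = async(context) =>
                    {
                        var identity    = context.AuthenticationTicket.Identity;
                        var userManager = context.OwinContext.GetUserManager <AppUserManager>();
                        var userName    = identity.FindFirstValue("preferred_username");

                        // Fail with a clear error instead of looking up or creating an
                        // account with a null or empty user name.
                        if (String.IsNullOrEmpty(userName))
                        {
                            throw new InvalidOperationException(
                                "The validated token does not contain a preferred_username claim.");
                        }

                        var appUser = await userManager.FindByNameAsync(userName);

                        if (appUser == null)
                        {
                            // First sign-in: provision a local account from the token claims.
                            appUser = new AppUser()
                            {
                                UserName   = userName,
                                PersonName = identity.FindFirstValue("name")
                            };
                            var created = await userManager.CreateAsync(appUser);
                            if (!created.Succeeded)
                            {
                                // Previously a failed creation was ignored and surfaced
                                // later as a null dereference on appUser.
                                throw new InvalidOperationException(
                                    "Could not create the local account: " + String.Join("; ", created.Errors));
                            }

                            // Re-read the account so store-assigned fields are populated.
                            appUser = await userManager.FindByNameAsync(userName);
                            if (appUser == null)
                            {
                                throw new InvalidOperationException(
                                    "The local account could not be loaded after creation.");
                            }
                        }
                        var claims = await userManager.GetClaimsAsync(appUser.Id);

                        // Keep the provider's identifier under a separate claim type before
                        // the NameIdentifier claim is replaced below.
                        var openIdId = identity.FindFirst(NameIdentifierClaimType);
                        if (openIdId != null)
                        {
                            identity.TryRemoveClaim(openIdId);
                            identity.AddClaim(new Claim("OpenIdIdentifier", openIdId.Value));
                        }

                        // NOTE(review): every OpenID Connect user receives the same constant
                        // NameIdentifier "99". Anything keyed on NameIdentifier would not
                        // distinguish between users; confirm whether the local account id
                        // was intended here.
                        identity.AddClaim(new Claim(NameIdentifierClaimType, "99"));
                        identity.AddClaim(new Claim(ClaimsIdentity.DefaultNameClaimType, appUser.UserName));

                        // Copy the locally stored claims onto the signed-in identity.
                        foreach (var c in claims)
                        {
                            identity.AddClaim(new Claim(c.Type, c.Value));
                        }
                    },
                    AuthorizationCodeReceived = context => Task.FromResult(0),
                    // NOTE(review): failures are neither logged nor handled in this
                    // callback; confirm they are recorded elsewhere.
                    AuthenticationFailed      = context => Task.FromResult(0),
                }
            };

            app.UseOpenIdConnectAuthentication(opts);
        }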