private async Task <bool> HandleSignOut()
        {
            if (!Request.Path.Value.EndsWith(Options.SingleLogoutServiceUrl, StringComparison.OrdinalIgnoreCase))
            {
                return(false);
            }

            _logger.LogDebug($"Entering {nameof(HandleSignOut)}");

            if (!_httpRedirectBinding.IsValid(Context.Request))
            {
                return(false);
            }

            var uri = new Uri(Context.Request.GetEncodedUrl());

            if (_httpRedirectBinding.IsLogoutRequest(Context.Request)
                ) //idp initiated logout. TODO: BUG:Context.User and cookies are not populated
            {
                var logoutReponse = _samlService.GetLogoutReponse(uri);
                if (logoutReponse.StatusCode != Saml2Constants.StatusCodes.Success ||
                    Context.User.Identity.IsAuthenticated)
                {
                    return(false);
                }

                var relayState = _httpRedirectBinding.GetCompressedRelayState(Context.Request);
                var url        = _samlService.GetLogoutResponseUrl(logoutReponse, relayState);
                await Context.SignOutAsync(Options.SignOutScheme, new AuthenticationProperties());

                Context.Response.Redirect(url, true);
                return(true);
            }

            //sp initiated logout
            var response = _httpRedirectBinding.GetResponse(Context.Request);
            var authenticationProperties =
                Options.StateDataFormat.Unprotect(response.RelayState) ?? new AuthenticationProperties();

            var initialLogoutRequestId = GetRequestId();

            if (!_samlService.IsLogoutResponseValid(uri, initialLogoutRequestId))
            {
                return(false);
            }

            await Context.SignOutAsync(Options.SignOutScheme, authenticationProperties);

            var cookieOptions = Options.RequestIdCookie.Build(Context, Clock.UtcNow);

            Context.Response.DeleteAllRequestIdCookies(Context.Request, cookieOptions);

            var redirectUrl = GetRedirectUrl(authenticationProperties);

            _logger.LogDebug(
                $"Method={nameof(HandleSignOut)}. Received and handled sp initiated logout response. Redirecting to {redirectUrl}");

            Context.Response.Redirect(redirectUrl, true);
            return(true);
        }
        private async Task <bool> HandleSignOut()
        {
            System.Console.WriteLine("");
            System.Console.WriteLine("[Saml2Handler][HandleSignOut] =>");
            System.Console.WriteLine("[Saml2Handler][HandleSignOut] => Options.SingleLogoutServiceUrl: '" + Options.SingleLogoutServiceUrl + "'");

            if (!Request.Path.Value.EndsWith(Options.SingleLogoutServiceUrl, StringComparison.OrdinalIgnoreCase) ||
                !_httpRedirectBinding.IsValid(Context.Request))
            {
                System.Console.WriteLine("[Saml2Handler][HandleSignOut] => returning false");
                return(false);
            }

            _logger.LogDebug($"Entering {nameof(HandleSignOut)}");

            var uri = new Uri(Context.Request.GetEncodedUrl());

            //idp initiated logout. TODO: BUG:Context.User and cookies are not populated
            if (_httpRedirectBinding.IsLogoutRequest(Context.Request))
            {
                var logoutResponse = _samlService.GetLogoutReponse(uri);
                if (logoutResponse.StatusCode != Saml2Constants.StatusCodes.Success ||
                    Context.User.Identity.IsAuthenticated)
                {
                    return(false);
                }

                var relayState = _httpRedirectBinding.GetCompressedRelayState(Context.Request);
                var url        = _samlService.GetLogoutResponseUrl(logoutResponse, relayState);
                await Context.SignOutAsync(Options.SignOutScheme, new AuthenticationProperties());

                Context.Response.Redirect(url, true);
                return(true);
            }

            //sp initiated logout
            var properties = await _sessionStore.LoadAsync <AuthenticationProperties>() ?? new AuthenticationProperties();

            properties.Items.TryGetValue(LogoutRequestIdKey, out var initialLogoutRequestId);

            if (!_samlService.IsLogoutResponseValid(uri, initialLogoutRequestId))
            {
                return(false);
            }

            await Context.SignOutAsync(Options.SignOutScheme, properties);

            await _sessionStore.RemoveAsync <AuthenticationProperties>();

            var redirectUrl = GetRedirectUrl(properties);

            _logger.LogDebug($"Method={nameof(HandleSignOut)}. Received and handled sp initiated logout response. Redirecting to {redirectUrl}");

            Context.Response.Redirect(redirectUrl, true);
            return(true);
        }