/// <summary> /// Called before the LogoutEndpoint endpoint redirects its response to the caller. /// If the web application wishes to produce the authorization response directly in the LogoutEndpoint call it may write to the /// context.Response directly and should call context.RequestCompleted to stop other handlers from executing. /// This call may also be used to add additional response parameters to the authorization response. /// </summary> /// <param name="context">The context of the event carries information in and results out.</param> /// <returns>Task to enable asynchronous execution</returns> public virtual Task LogoutEndpointResponse(LogoutEndpointResponseContext context) => OnLogoutEndpointResponse(context);
protected override async Task HandleSignOutAsync(SignOutContext context)
{
// request may be null when no logout request has been received
// or has been already handled by InvokeLogoutEndpointAsync.
var request = Context.GetOpenIdConnectRequest();
if (request == null)
{
return;
}
// Stop processing the request if there's no signout context that matches
// the authentication type associated with this middleware instance
// or if the response status code doesn't indicate a successful response.
if (context == null || Response.StatusCode != 200)
{
return;
}
if (Response.HasStarted)
{
Logger.LogCritical(
"OpenIdConnectServerHandler.TeardownCoreAsync cannot be called when " +
"the response headers have already been sent back to the user agent. " +
"Make sure the response body has not been altered and that no middleware " +
"has attempted to write to the response stream during this request.");
return;
}
// post_logout_redirect_uri is added to the response message since it can be
// set or replaced from the ValidateClientLogoutRedirectUri event.
var response = new OpenIdConnectMessage {
PostLogoutRedirectUri = request.PostLogoutRedirectUri,
State = request.State
};
var notification = new LogoutEndpointResponseContext(Context, Options, request, response);
await Options.Provider.LogoutEndpointResponse(notification);
if (notification.HandledResponse)
{
return;
}
// Stop processing the request if no explicit
// post_logout_redirect_uri has been provided.
if (string.IsNullOrEmpty(response.PostLogoutRedirectUri))
{
return;
}
var location = response.PostLogoutRedirectUri;
foreach (var parameter in response.Parameters)
{
// Don't include post_logout_redirect_uri in the query string.
if (string.Equals(parameter.Key, OpenIdConnectParameterNames.PostLogoutRedirectUri, StringComparison.Ordinal))
{
continue;
}
location = QueryHelpers.AddQueryString(location, parameter.Key, parameter.Value);
}
Response.Redirect(location);
}
/// <summary> /// Called before the LogoutEndpoint endpoint redirects its response to the caller. /// If the web application wishes to produce the authorization response directly in the LogoutEndpoint call it may write to the /// context.Response directly and should call context.RequestCompleted to stop other handlers from executing. /// This call may also be used to add additional response parameters to the authorization response. /// </summary> /// <param name="context">The context of the event carries information in and results out.</param> /// <returns>Task to enable asynchronous execution</returns> public virtual Task LogoutEndpointResponse(LogoutEndpointResponseContext context) => OnLogoutEndpointResponse(context);
