StartSignOut() public method

Starts the SignOut flow. You should start this step before cleaning up the user session, because this can be done in the final redirect. The steps are: 1. Redirect to SDB Connect IdG to perform the sign out at federation level 2. Callback to the application sign out redirect URI to cleanup at application level
public StartSignOut ( AccessTokenResponse accessTokenResponse, string redirectUri ) : HttpRedirectResponse
accessTokenResponse OpenIdConnect.Client.Common.Representations.AccessTokenResponse /// The token endpoint's access token response (when the user completed the sign in flow). /// We need the id_token that was returned in this response. ///
redirectUri string /// The callback URI where the application will cleanup the user's session ///
return OpenIdConnect.Client.Common.Representations.HttpRedirectResponse
OpenIdConnectClient Class Documentation
Example #1
0
        public void CanRedirectToCorrectEndpoint()
        {
            var config = new OpenIdConnectAuthenticationSettings
            {
                ClientId = "some-client-id",
                ClientSecret = "some-client-secret",
                Scope = "openid some-scope",

                AuthorizationEndpoint = new Uri("https://id.services.telecom.pt/oic/"),
                TokenEndpoint = new Uri("https://services.telecom.pt/connect/token_endpoint/access_token"),
                UserInfoEndpoint = new Uri("https://services.telecom.pt/connect/oic/userinfo/")
            };

            const string signOutRedirectUri = "https://dummy.signout.callback.uri";

            var sessionStateStoreMock = new StateSessionStoreMock();
            var client = new OpenIdConnectClient(config, sessionStateStoreMock);

            var response = client.StartSignOut(new AccessTokenResponse { IdToken = "the-id-token" }, signOutRedirectUri);

            // parameter check

            // do they all exist?
            Assert.True(response.Location.Query.Contains("id_token_hint"));
            Assert.True(response.Location.Query.Contains("post_logout_redirect_uri"));

            var queryString = TestUtils.GetParsedQueryString(response.Location);

            // are they filled with the correct values?
            Assert.Equal(Uri.EscapeUriString(signOutRedirectUri), queryString["post_logout_redirect_uri"]);
            Assert.Equal(Uri.EscapeUriString("the-id-token"), queryString["id_token_hint"]);
        }
Example #2
0
        public void RedirectsToRedirectUriImmediatellyWithoutIdToken()
        {
            var config = new OpenIdConnectAuthenticationSettings
            {
                ClientId = "some-client-id",
                ClientSecret = "some-client-secret",
                Scope = "openid some-scope",

                AuthorizationEndpoint = new Uri("https://id.services.telecom.pt/oic/"),
                TokenEndpoint = new Uri("https://services.telecom.pt/connect/token_endpoint/access_token"),
                UserInfoEndpoint = new Uri("https://services.telecom.pt/connect/oic/userinfo/")
            };

            const string signOutRedirectUri = "https://dummy.signout.callback.uri";

            var sessionStateStoreMock = new StateSessionStoreMock();
            var client = new OpenIdConnectClient(config, sessionStateStoreMock);

            var response = client.StartSignOut(null, signOutRedirectUri);

            Assert.Equal(signOutRedirectUri, response.Location.OriginalString);
        }