Exemple #1
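        /// <summary>
        /// Builds the view model for the logout page and decides whether the user
        /// must confirm the sign-out.
        /// </summary>
        /// <param name="logoutId">Identifier of the logout context; copied to the view model as-is.</param>
        /// <returns>
        /// A <see cref="LogoutViewModel"/> whose <c>ShowLogoutPrompt</c> starts at
        /// <c>AccountOptions.ShowLogoutPrompt</c> and is forced to <c>false</c> when there is
        /// no authenticated user or when the logout context reports that no prompt is needed.
        /// </returns>
        /// <remarks>
        /// The confirmation prompt is the only defence in this method against another page
        /// triggering a sign-out on the user's behalf. If <c>AccountOptions.ShowLogoutPrompt</c>
        /// is <c>false</c>, the prompt is never shown, including for requests whose logout
        /// context could not be resolved.
        /// </remarks>
        public async Task <LogoutViewModel> BuildLogoutViewModelAsync(string logoutId)
        {
            LogoutViewModel vm = new LogoutViewModel {
                LogoutId = logoutId, ShowLogoutPrompt = AccountOptions.ShowLogoutPrompt
            };

            // HttpContext is null outside of an active request and Identity is null for a
            // principal without identities; both cases are treated as "not authenticated"
            // instead of failing with a NullReferenceException.
            System.Security.Claims.ClaimsPrincipal user = this._httpContextAccessor.HttpContext?.User;
            if (user?.Identity?.IsAuthenticated != true)
            {
                // if the user is not authenticated, then just show logged out page
                vm.ShowLogoutPrompt = false;
                return(vm);
            }

            IdentityServer4.Models.LogoutRequest context = await this._interaction.GetLogoutContextAsync(logoutId);

            // Only an explicit "false" skips the prompt. A null context makes the expression
            // null, which is not equal to false, so the configured prompt setting is kept.
            // NOTE(review): presumably ShowSignoutPrompt is false only when IdentityServer has
            // authenticated the sign-out request itself - confirm for the version in use.
            if (context?.ShowSignoutPrompt == false)
            {
                // it's safe to automatically sign-out
                vm.ShowLogoutPrompt = false;
                return(vm);
            }

            // show the logout prompt. this prevents attacks where the user
            // is automatically signed out by another malicious web page.
            return(vm);
        }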
Exemple #2
        /// <summary>
        /// Checks that <c>GetLogoutRequestAsync</c> returns the mapped <c>LogoutRequest</c>
        /// when the IdentityServer interaction service yields a logout context.
        /// </summary>
        public async Task GetLogoutRequestAsync_Should_Return_LogoutRequest()
        {
            // Arrange: an IdentityServer logout context and the application-level request
            // the mapper is expected to produce from it.
            const string requestedLogoutId = "logoutId";
            IdentityServer4.Models.LogoutRequest upstreamRequest =
                new IdentityServer4.Models.LogoutRequest("iframeUrl", new IdentityServer4.Models.LogoutMessage());
            LogoutRequest expected = new LogoutRequest(
                upstreamRequest.ShowSignoutPrompt,
                upstreamRequest.PostLogoutRedirectUri,
                upstreamRequest.SignOutIFrameUrl,
                null,
                null);

            // NOTE(review): both setups match any argument, so this test does not prove that
            // the logout id handed to the service is the one used to look up the context.
            _mapperMock
            .Setup(x => x.Map <IdentityServer4.Models.LogoutRequest, LogoutRequest>(
                       It.IsAny <IdentityServer4.Models.LogoutRequest>()))
            .Returns(expected);
            _identityServerInteractionServiceMock
            .Setup(x => x.GetLogoutContextAsync(It.IsAny <string>()))
            .ReturnsAsync(upstreamRequest);

            // Act
            var actual = await _service.GetLogoutRequestAsync(requestedLogoutId);

            // Assert: structural comparison against the mapped request.
            actual.Should().BeEquivalentTo(expected);
        }
Exemple #3
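        /// <summary>
        /// Builds the view model for the "logged out" page and, when the user signed in
        /// through an external identity provider that supports sign-out, records the scheme
        /// so the caller can also sign out there.
        /// </summary>
        /// <param name="logoutId">Identifier of the logout context; may be null.</param>
        /// <returns>
        /// A <see cref="LoggedOutViewModel"/> whose redirect URI, client name and sign-out
        /// iframe URL come from the resolved logout context (null when no context is returned).
        /// </returns>
        /// <remarks>
        /// The post-logout redirect URI and iframe URL are taken only from the logout context
        /// resolved for <paramref name="logoutId"/>, never from raw request values in this method.
        /// NOTE(review): presumably IdentityServer has validated the redirect URI against the
        /// client's registration before it reaches the context - confirm before the view
        /// redirects to it automatically.
        /// </remarks>
        public async Task <LoggedOutViewModel> BuildLoggedOutViewModelAsync(string logoutId)
        {
            // get context information (client name, post logout redirect URI and iframe for federated signout)
            IdentityServer4.Models.LogoutRequest logout = await this._interaction.GetLogoutContextAsync(logoutId);

            LoggedOutViewModel vm = new LoggedOutViewModel {
                AutomaticRedirectAfterSignOut = AccountOptions.AutomaticRedirectAfterSignOut,
                PostLogoutRedirectUri         = logout?.PostLogoutRedirectUri,
                // the client id is used as the display name here
                ClientName       = logout?.ClientId,
                SignOutIframeUrl = logout?.SignOutIFrameUrl,
                LogoutId         = logoutId
            };

            // HttpContext is null outside of an active request and Identity is null for a
            // principal without identities; both are treated as "not authenticated" instead
            // of failing with a NullReferenceException.
            var httpContext = this._httpContextAccessor.HttpContext;
            System.Security.Claims.ClaimsPrincipal user = httpContext?.User;
            if (user?.Identity?.IsAuthenticated != true)
            {
                return(vm);
            }

            // Only a session that came from an external provider needs a federated sign-out.
            string idp = user.FindFirst(JwtClaimTypes.IdentityProvider)?.Value;
            if (idp == null || idp == IdentityServer4.IdentityServerConstants.LocalIdentityProvider)
            {
                return(vm);
            }

            bool providerSupportsSignout = await httpContext.GetSchemeSupportsSignOutAsync(idp);
            if (!providerSupportsSignout)
            {
                return(vm);
            }

            if (vm.LogoutId == null)
            {
                // if there's no current logout context, we need to create one
                // this captures necessary info from the current logged in user
                // before we signout and redirect away to the external IdP for signout
                vm.LogoutId = await this._interaction.CreateLogoutContextAsync();
            }

            vm.ExternalAuthenticationScheme = idp;

            return(vm);
        }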
Exemple #4
        /// <summary>
        /// Signs the current user out and returns the post-logout redirect URI from the
        /// logout context identified by <paramref name="logoutId"/>.
        /// </summary>
        /// <param name="logoutId">Identifier used to look up the logout context.</param>
        /// <returns>
        /// A result whose <c>Data</c> is the context's <c>PostLogoutRedirectUri</c> on success,
        /// or a result with code 400 and an <c>InvalidSignoutId</c> error when no context is returned.
        /// </returns>
        /// <remarks>
        /// NOTE(review): this method does not consult <c>ShowSignoutPrompt</c>; presumably the
        /// caller has already handled user confirmation / anti-forgery - confirm.
        /// NOTE(review): verify that <c>GetLogoutContextAsync</c> really returns null for an
        /// unknown id in the IdentityServer4 version in use; if it returns an empty request
        /// instead, the error branch never runs and <c>Data</c> may be null after sign-out.
        /// </remarks>
        public async Task <ServiceResult <string> > SignoutAsync(string logoutId)
        {
            var outcome = new ServiceResult <string>();

            IdentityServer4.Models.LogoutRequest logoutContext = await interaction.GetLogoutContextAsync(logoutId);

            if (logoutContext != null)
            {
                // Known logout context: end the local session, then hand back the
                // redirect target stored in the context.
                await signInManager.SignOutAsync();
                outcome.Data = logoutContext.PostLogoutRedirectUri;

                return(outcome);
            }

            // No context for this id: report a client error and leave the session untouched.
            var invalidIdError = new ServiceResult.Error
            {
                Key     = nameof(Errors.InvalidSignoutId),
                Message = Errors.InvalidSignoutId,
            };
            outcome.Errors.Add(invalidIdError);
            outcome.Code = 400;

            return(outcome);
        }