/// <inheritdoc/> public virtual async Task SendLogoutNotificationsAsync(LogoutNotificationContext context) { var backChannelRequests = await LogoutNotificationService.GetBackChannelLogoutNotificationsAsync(context); if (backChannelRequests.Any()) { await SendLogoutNotificationsAsync(backChannelRequests); } }
/// <inheritdoc/> public virtual async Task SendLogoutNotificationsAsync(LogoutNotificationContext context) { using var activity = Tracing.ServiceActivitySource.StartActivity("DefaultBackChannelLogoutService.SendLogoutNotifications"); var backChannelRequests = await LogoutNotificationService.GetBackChannelLogoutNotificationsAsync(context); if (backChannelRequests.Any()) { await SendLogoutNotificationsAsync(backChannelRequests); } }
public Task <IEnumerable <BackChannelLogoutRequest> > GetBackChannelLogoutNotificationsAsync(LogoutNotificationContext context) { SendBackChannelLogoutNotificationsCalled = true; return(Task.FromResult(BackChannelLogoutRequests.AsEnumerable())); }
public Task <IEnumerable <string> > GetFrontChannelLogoutNotificationsUrlsAsync(LogoutNotificationContext context) { GetFrontChannelLogoutNotificationsUrlsCalled = true; return(Task.FromResult(FrontChannelLogoutNotificationsUrls.AsEnumerable())); }
public Task SendLogoutNotificationsAsync(LogoutNotificationContext context) { SendLogoutsWasCalled = true; return(Task.CompletedTask); }
/// <inheritdoc/> public async Task <IEnumerable <BackChannelLogoutRequest> > GetBackChannelLogoutNotificationsAsync(LogoutNotificationContext context) { var backChannelLogouts = new List <BackChannelLogoutRequest>(); foreach (var clientId in context.ClientIds) { var client = await _clientStore.FindEnabledClientByIdAsync(clientId); if (client != null) { if (client.BackChannelLogoutUri.IsPresent()) { var back = new BackChannelLogoutRequest { ClientId = clientId, LogoutUri = client.BackChannelLogoutUri, SubjectId = context.SubjectId, SessionId = context.SessionId, SessionIdRequired = client.BackChannelLogoutSessionRequired }; backChannelLogouts.Add(back); } } } if (backChannelLogouts.Any()) { var msg = backChannelLogouts.Select(x => x.LogoutUri).Aggregate((x, y) => x + ", " + y); _logger.LogDebug("Client back-channel logout URLs: {0}", msg); } else { _logger.LogDebug("No client back-channel logout URLs"); } return(backChannelLogouts); }
/// <inheritdoc/> public async Task <IEnumerable <string> > GetFrontChannelLogoutNotificationsUrlsAsync(LogoutNotificationContext context) { var frontChannelUrls = new List <string>(); foreach (var clientId in context.ClientIds) { var client = await _clientStore.FindEnabledClientByIdAsync(clientId); if (client != null) { if (client.FrontChannelLogoutUri.IsPresent()) { var url = client.FrontChannelLogoutUri; // add session id if required if (client.ProtocolType == IdentityServerConstants.ProtocolTypes.OpenIdConnect) { if (client.FrontChannelLogoutSessionRequired) { url = url.AddQueryString(OidcConstants.EndSessionRequest.Sid, context.SessionId); url = url.AddQueryString(OidcConstants.EndSessionRequest.Issuer, _httpContextAccessor.HttpContext.GetIdentityServerIssuerUri()); } } else if (client.ProtocolType == IdentityServerConstants.ProtocolTypes.WsFederation) { url = url.AddQueryString(Constants.WsFedSignOut.LogoutUriParameterName, Constants.WsFedSignOut.LogoutUriParameterValue); } frontChannelUrls.Add(url); } } } if (frontChannelUrls.Any()) { var msg = frontChannelUrls.Aggregate((x, y) => x + ", " + y); _logger.LogDebug("Client front-channel logout URLs: {0}", msg); } else { _logger.LogDebug("No client front-channel logout URLs"); } return(frontChannelUrls); }
internal static async Task <string> GetIdentityServerSignoutFrameCallbackUrlAsync(this HttpContext context, LogoutMessage logoutMessage = null) { var userSession = context.RequestServices.GetRequiredService <IUserSession>(); var user = await userSession.GetUserAsync(); var currentSubId = user?.GetSubjectId(); LogoutNotificationContext endSessionMsg = null; // if we have a logout message, then that take precedence over the current user if (logoutMessage?.ClientIds?.Any() == true) { var clientIds = logoutMessage?.ClientIds; // check if current user is same, since we might have new clients (albeit unlikely) if (currentSubId == logoutMessage?.SubjectId) { clientIds = clientIds.Union(await userSession.GetClientListAsync()); clientIds = clientIds.Distinct(); } endSessionMsg = new LogoutNotificationContext { SubjectId = logoutMessage.SubjectId, SessionId = logoutMessage.SessionId, ClientIds = clientIds }; } else if (currentSubId != null) { // see if current user has any clients they need to signout of var clientIds = await userSession.GetClientListAsync(); if (clientIds.Any()) { endSessionMsg = new LogoutNotificationContext { SubjectId = currentSubId, SessionId = await userSession.GetSessionIdAsync(), ClientIds = clientIds }; } } if (endSessionMsg != null) { var clock = context.RequestServices.GetRequiredService <ISystemClock>(); var msg = new Message <LogoutNotificationContext>(endSessionMsg, clock.UtcNow.UtcDateTime); var endSessionMessageStore = context.RequestServices.GetRequiredService <IMessageStore <LogoutNotificationContext> >(); var id = await endSessionMessageStore.WriteAsync(msg); var signoutIframeUrl = context.GetIdentityServerBaseUrl().EnsureTrailingSlash() + Constants.ProtocolRoutePaths.EndSessionCallback; signoutIframeUrl = signoutIframeUrl.AddQueryString(Constants.UIConstants.DefaultRoutePathParams.EndSessionCallback, id); return(signoutIframeUrl); } // no sessions, so nothing to cleanup return(null); }