public async Task <IActionResult> Logout(LogoutViewModel model) { var idp = User?.FindFirst(JwtClaimTypes.IdentityProvider)?.Value; if (idp != null && idp != IdentityServerConstants.LocalIdentityProvider) { if (model.LogoutId == null) { // if there's no current logout context, we need to create one // this captures necessary info from the current logged in user // before we signout and redirect away to the external IdP for signout model.LogoutId = await _interaction.CreateLogoutContextAsync(); } string url = "/Account/Logout?logoutId=" + model.LogoutId; try { // hack: try/catch to handle social providers that throw await HttpContext.SignOutAsync(idp, new AuthenticationProperties { RedirectUri = url }); } catch (Exception ex) { _logger.LogCritical(ex.Message); } } // delete authentication cookie await HttpContext.SignOutAsync(); // set this so UI rendering sees an anonymous user HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity()); // get context information (client name, post logout redirect URI and iframe for federated signout) var logout = await _interaction.GetLogoutContextAsync(model.LogoutId); return(Redirect(logout?.PostLogoutRedirectUri)); }
public async Task <IActionResult> Logout(LogoutViewModel model) { var result = await BuildLoggedOutViewModelAsync(model.LogoutId); if (User?.Identity.IsAuthenticated == true) { await SecurityService.SignOutAsync(); } if (result.TriggerExternalSignout) { string url = Url.Action("Logout", new { logoutId = result.LogoutId }); return(SignOut(new AuthenticationProperties { RedirectUri = url }, result.ExternalAuthenticationScheme)); } if (result.PostLogoutRedirectUri.IsEmpty()) { return(View()); } return(Redirect(result.PostLogoutRedirectUri)); }
private async Task <LogoutViewModel> BuildLogoutViewModelAsync(string logoutId) { var vm = new LogoutViewModel { LogoutId = logoutId, ShowLogoutPrompt = AccountOptions.ShowLogoutPrompt }; if (User?.Identity.IsAuthenticated != true) { vm.ShowLogoutPrompt = false; return(vm); } var context = await _interaction.GetLogoutContextAsync(logoutId); if (context?.ShowSignoutPrompt == false) { vm.ShowLogoutPrompt = false; return(vm); } return(vm); }
public async Task <IActionResult> Logout(string logoutId) { if (User.Identity.IsAuthenticated == false) { return(await Logout(new LogoutViewModel { LogoutId = logoutId })); } var context = await _interaction.GetLogoutContextAsync(logoutId); if (context?.ShowSignoutPrompt == false) { return(await Logout(new LogoutViewModel { LogoutId = logoutId })); } var vm = new LogoutViewModel { LogoutId = logoutId }; return(View(vm)); }
public async Task <IActionResult> Logout(LogoutViewModel model) { // delete authentication cookie await _signInManager.SignOutAsync(); // get context information (client name, post logout redirect URI and iframe for federated signout) var logout = await _interaction.GetLogoutContextAsync(model.LogoutId); if (!string.IsNullOrEmpty(logout?.PostLogoutRedirectUri)) { Redirect(logout.PostLogoutRedirectUri); } var vm = new LoggedOutViewModel { PostLogoutRedirectUri = logout?.PostLogoutRedirectUri, ClientName = logout?.ClientId, SignOutIframeUrl = logout?.SignOutIFrameUrl }; return(View("LoggedOut", vm)); }
public async Task <IActionResult> logout(LogoutViewModel model) { DateTime dtBeforeCalling = DateTime.Now; AdminRequestLog log = new AdminRequestLog(); log.UserIP = Utilities.GetUserIPAddress(); log.ServerIP = Utilities.GetInternalServerIP(); log.UserAgent = Utilities.GetUserAgent(); log.PageName = "logout"; log.PageURL = "/logout"; //log.ApiURL = Utilities.GetCurrentURL(httpContext); log.MethodName = "logout"; log.UserID = User.GetUserId(); log.UserName = User.GetUserName(); var output = new Output <string>(); try { output.ErrorCode = Output <string> .ErrorCodes.Success; output.ErrorDescription = ResourcesHepler.GetMessage("Success", model.Language); await SignInManager.SignOutAsync(); log.ServiceResponseTimeInSeconds = DateTime.Now.Subtract(dtBeforeCalling).TotalSeconds; log.ErrorDescription = output.ErrorDescription; log.ErrorCode = (int)output.ErrorCode; LogService.AddAdminRequestLogs(log); return(Ok(output)); } catch (Exception ex) { output.ErrorCode = Output <string> .ErrorCodes.ServerException; output.ErrorDescription = ResourcesHepler.GetMessage("ServerError", model.Language); log.ServiceResponseTimeInSeconds = DateTime.Now.Subtract(dtBeforeCalling).TotalSeconds; log.ErrorDescription = ex.ToString(); log.ErrorCode = (int)output.ErrorCode; LogService.AddAdminRequestLogs(log); return(Ok(output)); } }
private IHttpActionResult RenderLogoutPromptPage(string id) { var logout_url = context.GetIdentityServerLogoutUrl(); if (id.IsPresent()) { logout_url += "?id=" + id; } var logoutModel = new LogoutViewModel { SiteName = options.SiteName, SiteUrl = context.GetIdentityServerBaseUrl(), CurrentUser = context.GetCurrentUserDisplayName(), LogoutUrl = logout_url, AntiForgery = antiForgeryToken.GetAntiForgeryToken(), }; var message = signOutMessageCookie.Read(id); return(new LogoutActionResult(viewService, logoutModel, message)); }
public async Task <IActionResult> Logout(string logoutId) { var item = CultureInfo.CurrentCulture; var item2 = CultureInfo.CurrentUICulture; if (User.Identity.IsAuthenticated == false) { // if the user is not authenticated, then just show logged out page return(await Logout(new LogoutViewModel { LogoutId = logoutId })); } var context = await _interaction.GetLogoutContextAsync(logoutId); if (context == null) { _logger.LogWarning($"Logout context is null: {logoutId}"); } if (context != null && context.ShowSignoutPrompt == true) { _logger.LogInformation("Context is asking us to show the logout prompt."); } if (context?.ShowSignoutPrompt == false) { // it's safe to automatically sign-out return(await Logout(new LogoutViewModel { LogoutId = logoutId })); } // show the logout prompt. this prevents attacks where the user // is automatically signed out by another malicious web page. var vm = new LogoutViewModel { LogoutId = logoutId }; return(View(vm)); }
public async Task <LogoutViewModel> BuildLogoutViewModelAsync(string logoutId) { var vm = new LogoutViewModel { LogoutId = logoutId, ShowLogoutPrompt = AccountOptions.ShowLogoutPrompt }; var user = await _httpContextAccessor.HttpContext.GetIdentityServerUserAsync(); if (user == null || user.Identity.IsAuthenticated == false) { vm.ShowLogoutPrompt = false; return(vm); } var context = await _interaction.GetLogoutContextAsync(logoutId); if (context?.ShowSignoutPrompt == false) { vm.ShowLogoutPrompt = false; return(vm); } return(vm); }
private async Task <LogoutViewModel> BuildLogoutViewModelAsync(string logoutId) { var vm = new LogoutViewModel { LogoutId = logoutId }; if (!User.IsAuthenticated()) { // if the user is not authenticated, then just show logged out page vm.ShowLogoutPrompt = false; return(vm); } var context = await _interaction.GetLogoutContextAsync(logoutId); if (context?.ShowSignoutPrompt == false) { vm.ShowLogoutPrompt = false; return(vm); } return(vm); }
public async Task <IActionResult> Logout(string logoutId) { if (User.Identity.IsAuthenticated == false) { return(await Logout(new LogoutViewModel { LogoutId = logoutId })); } var context = await _interaction.GetLogoutContextAsync(logoutId); if (context?.ShowSignoutPrompt == false) { return(await Logout(new LogoutViewModel { LogoutId = logoutId })); } // show the logout prompt. this prevents attacks where the user // is automatically signed out by another malicious web page. var vm = new LogoutViewModel { LogoutId = logoutId }; return(View(vm)); }
public async Task <LogoutViewModel> GetLogoutView(string logoutId) { var user = _httpContextAccessor.HttpContext.User; var vm = new LogoutViewModel { LogoutId = logoutId, ShowLogoutPrompt = user?.Identity.IsAuthenticated ?? false, Referrer = _httpContextAccessor.HttpContext.Request.Headers["Referer"] }; if (vm.ShowLogoutPrompt) { var context = await _interaction.GetLogoutContextAsync(logoutId); if (context != null) { vm.ClientName = context.ClientName; vm.ActiveClients = context.ClientIds?.ToArray(); } } return(vm); }
public async Task <IActionResult> Logout(LogoutViewModel model) { try { AppUsers user = await _iDomain.GetUserById(User.Identity.Name); var unlinkToken = _iDomain.UnlinkFCMToken(model.fcm_token); _uow.SaveChanges(); _logger.CustomProperties(user).Info("Login user"); return(Ok(unlinkToken)); } catch (Exception e) { _logger.Error(e); return(Error(new ApiResult() { Code = ResultCode.UnknownError, Message = ResultCode.UnknownError.DisplayName() + ": " + e.Message })); } }
private async Task <LogoutViewModel> BuildLogoutViewModelAsync(string logoutId) { var vm = new LogoutViewModel { LogoutId = logoutId, ShowLogoutPrompt = AccountOptions.ShowLogoutPrompt }; if (User?.Identity.IsAuthenticated != true) { // if the user is not authenticated, then just show logged out page vm.ShowLogoutPrompt = false; return(vm); } var context = await _interaction.GetLogoutContextAsync(logoutId); if (context?.ShowSignoutPrompt == false) { // it's safe to automatically sign-out vm.ShowLogoutPrompt = false; return(vm); } return(vm); }
public async Task <IActionResult> Logout(string logoutId) { if (User.Identity.IsAuthenticated == false) { // if the user is not authenticated, then just show logged out page return(await Logout(new LogoutViewModel { LogoutId = logoutId })); } var context = await _interaction.GetLogoutContextAsync(logoutId); if (context?.ShowSignoutPrompt == false) { // if the logout request is authenticated, it's safe to automatically sign-out return(await Logout(new LogoutViewModel { LogoutId = logoutId })); } var vm = new LogoutViewModel { LogoutId = logoutId }; return(View(vm)); }
public virtual Task <Stream> Logout(LogoutViewModel model, SignOutMessage message) { if (model == null) { throw new ArgumentNullException(nameof(model)); } // Based on current InvokeLogOut Middleware, this method will not be called, because of context.Authentication.SignOut("custom", "Bearer"); code. string content = $@"<!DOCTYPE html> <html> <body> <form id='logoutForm' method='post' action='{model.LogoutUrl}'> <input type='hidden' name='{model.AntiForgery.Name}' value='{model.AntiForgery.Value}'> </form> <script> document.getElementById('logoutForm').submit(); </script> </body> </html>"; return(ReturnHtmlAsync(content, OwinContext.Request.CallCancelled)); }
/// <summary> /// Get Login By UserId /// </summary> /// <param name="userId"></param> /// <returns></returns> public LogoutViewModel GetLoginByUserId(string userId) { LogoutViewModel loginLogout = null; try { loginLogout = (from l in db.AspNetLoginOffs.Where(a => a.UserID == userId) orderby l.Login descending select new LogoutViewModel() { LoginLogoutID = l.LoginLogoutID, UserID = l.UserID, Login = l.Login, DeviceID = l.DeviceId, }).FirstOrDefault(); return(loginLogout); } catch { return(loginLogout); } }
public async Task <LogoutViewModel> BuildLogoutViewModelAsync(string logoutId) { var viewModel = new LogoutViewModel { LogoutId = logoutId, ShowLogoutPrompt = AccountOptions.ShowLogoutPrompt }; var user = _httpContextAccessor.HttpContext.User; if (user?.Identity.IsAuthenticated != true) { viewModel.ShowLogoutPrompt = false; return(viewModel); } var context = await _interaction.GetLogoutContextAsync(logoutId); if (context?.ShowSignoutPrompt == false) { viewModel.ShowLogoutPrompt = false; return(viewModel); } return(viewModel); }
public async Task <IActionResult> Logout(LogoutViewModel model) { // build a model so the logged out page knows what to display var vm = await BuildLoggedOutViewModelAsync(model.LogoutId); if (User?.Identity.IsAuthenticated == true) { // delete local authentication cookie await _signInManager.SignOutAsync(); // raise the logout event await _events.RaiseAsync(new UserLogoutSuccessEvent(User.GetSubjectId(), User.GetDisplayName())); } // check if we need to trigger sign-out at an upstream identity provider if (vm.TriggerExternalSignout) { // build a return URL so the upstream provider will redirect back // to us after the user has logged out. this allows us to then // complete our single sign-out processing. string url = Url.Action("Logout", new { logoutId = vm.LogoutId }); // this triggers a redirect to the external provider for sign-out return(SignOut(new AuthenticationProperties { RedirectUri = url }, vm.ExternalAuthenticationScheme)); } if (string.IsNullOrWhiteSpace(vm.PostLogoutRedirectUri)) { return(View("LoggedOut", vm)); } else { return(Redirect(vm.PostLogoutRedirectUri)); } }
public async Task <IActionResult> Logout(LogoutViewModel model) { var idp = User?.FindFirst(JwtClaimTypes.IdentityProvider)?.Value; if (idp != null && idp != IdentityServerConstants.LocalIdentityProvider) { if (model.LogoutId == null) { model.LogoutId = await _interaction.CreateLogoutContextAsync(); } string url = "/Account/Logout?logoutId=" + model.LogoutId; try { await HttpContext.SignOutAsync(idp, new AuthenticationProperties { RedirectUri = url }); } catch (Exception ex) { _logger.LogError(ex, "LOGOUT ERROR: {ExceptionMessage}", ex.Message); } } // delete authentication cookie await HttpContext.SignOutAsync(); await HttpContext.SignOutAsync(IdentityConstants.ApplicationScheme); HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity()); var logout = await _interaction.GetLogoutContextAsync(model.LogoutId); return(Redirect(logout?.PostLogoutRedirectUri)); }
public async Task <IActionResult> Logout(string logoutId) { Console.WriteLine("Test 1"); Console.WriteLine(User.Identity); Console.WriteLine(User.Identity.IsAuthenticated); if (User.Identity.IsAuthenticated == false) { // if the user is not authenticated, then just show logged out page Console.WriteLine("Test 2"); Console.WriteLine(logoutId); return(await Logout(new LogoutViewModel { LogoutId = logoutId })); } //Test for Xamarin. Console.WriteLine("Test 3"); var context = await _interaction.GetLogoutContextAsync(logoutId); Console.WriteLine("Test 4"); if (context?.ShowSignoutPrompt == false) { Console.WriteLine("Test 5"); //it's safe to automatically sign-out return(await Logout(new LogoutViewModel { LogoutId = logoutId })); } // show the logout prompt. this prevents attacks where the user // is automatically signed out by another malicious web page. var vm = new LogoutViewModel { LogoutId = logoutId }; Console.WriteLine("Test 6"); Console.WriteLine(logoutId); return(View(vm)); }
public async Task <IActionResult> Logout(LogoutViewModel model) { var idp = User?.FindFirst(JwtClaimTypes.IdentityProvider)?.Value; if (idp != null && idp != "local") { string url = "/Account/Logout?logoutId=" + model.LogoutId; try { await HttpContext.Authentication.SignOutAsync(idp, new AuthenticationProperties { RedirectUri = url }); } catch (Exception ex) { _logger.LogError("Cannot sign out! IDP : {0}. Reason : {1}", idp, ex); } } // delete authentication cookie await HttpContext.Authentication.SignOutAsync(); // await HttpContext.Authentication.CustomHandleSignOutAsync(Request, Response, null); // set this so UI rendering sees an anonymous user HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity()); // get context information (client name, post logout redirect URI and iframe for federated signout) var logout = await _interaction.GetLogoutContextAsync(model.LogoutId); var vm = new LoggedOutViewModel { PostLogoutRedirectUri = logout?.PostLogoutRedirectUri, ClientName = logout?.ClientId, SignOutIframeUrl = logout?.SignOutIFrameUrl }; return(View("LoggedOut", vm)); }
public async Task<IActionResult> Logout(LogoutViewModel model) { var subjectId = User?.Identity?.GetSubjectId(); if ( model.LogoutId == null) { model.LogoutId = await _interaction.CreateLogoutContextAsync(); } // delete authentication cookie await _signInManager.SignOutAsync(); // set this so UI rendering sees an anonymous user HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity()); // get context information (client name, post logout redirect URI and iframe for federated signout) var logout = await _interaction.GetLogoutContextAsync(model.LogoutId); if (!string.IsNullOrEmpty(logout?.PostLogoutRedirectUri)) return Redirect(logout.PostLogoutRedirectUri); return RedirectToAction(nameof(Login)); }
private async Task <LogoutViewModel> BuildLogoutViewModelAsync(string logoutId) { var vm = new LogoutViewModel { LogoutId = logoutId }; if (User?.Identity.IsAuthenticated != true) { // if the user is not authenticated, then just show logged out page return(vm); } var context = await interaction.GetLogoutContextAsync(logoutId); if (context?.ShowSignoutPrompt == false) { // it's safe to automatically sign-out return(vm); } // show the logout prompt. this prevents attacks where the user // is automatically signed out by another malicious web page. return(vm); }
public async Task <ActionResult> Post([FromBody] LogoutViewModel logoutViewModel) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var username = User.Identity.Name; ApplicationUserToken?token = this.securityDb.ApplicationUserTokens.FirstOrDefault(x => x.Name == username && x.Jti == logoutViewModel.Jti); if (token != null) { this.securityDb.ApplicationUserTokens.Remove(token); await this.securityDb.SaveChangesAsync(); var s = await redisService.Get(token.Name); await redisService.RemoveJti(username, logoutViewModel.Jti); } return(Ok()); }
//[ValidateAntiForgeryToken] public async Task <IActionResult> Logout(LogoutViewModel viewModel) { var context = await _identityServerInteractionService.GetLogoutContextAsync(viewModel.logoutId); //await HttpContext.SignOutAsync(IdentityServerConstants.DefaultCookieAuthenticationScheme);第一种注销 //第二种注销 var user = HttpContext.User; if (user?.Identity.IsAuthenticated == true) { //删除本地授权Cookies await HttpContext.SignOutAsync(); await _events.RaiseAsync(new UserLogoutSuccessEvent(user.GetSubjectId(), user.GetDisplayName())); } if (context != null) { if (!string.IsNullOrWhiteSpace(context.PostLogoutRedirectUri)) { return(Redirect(context.PostLogoutRedirectUri)); } if (viewModel.ShowSignoutPrompt) { //如果进入确认页面 var client = await _clientStore.FindClientByIdAsync(context.ClientId); return(Redirect(client?.PostLogoutRedirectUris.FirstOrDefault() ?? "~/")); } } var refererUrl = Request.Headers["Referer"].ToString(); return(Redirect(refererUrl)); }
public async Task <IActionResult> Logout(string logoutId) { if (User.Identity.IsAuthenticated == false) { // if the user is not authenticated, then just show logged out page //return await Logout(new LogoutViewModel { LogoutId = logoutId }); string logoutRedirectUri; if (_env.IsDevelopment()) { logoutRedirectUri = _configuration.GetValue <string>("WebServerLocal"); } else { logoutRedirectUri = _configuration.GetValue <string>("WebServer"); } return(Redirect(logoutRedirectUri)); } //Test for Xamarin. var context = await _interaction.GetLogoutContextAsync(logoutId); if (context?.ShowSignoutPrompt == false) { //it's safe to automatically sign-out return(await Logout(new LogoutViewModel { LogoutId = logoutId })); } // show the logout prompt. this prevents attacks where the user // is automatically signed out by another malicious web page. var vm = new LogoutViewModel { LogoutId = logoutId }; return(View(vm)); }
public async Task <IActionResult> Logout(LogoutViewModel model) { // delete authentication cookie await HttpContext.Authentication.SignOutAsync(); // set this so UI rendering sees an anonymous user HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity()); // get context information (client name, post logout redirect URI and iframe for federated signout) var logout = await _interaction.GetLogoutContextAsync(model.LogoutId); var authenticationManager = HttpContext.Authentication; authenticationManager.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme).Wait(); var vm = new LoggedOutViewModel { PostLogoutRedirectUri = logout?.PostLogoutRedirectUri, ClientName = logout?.ClientId, SignOutIframeUrl = logout?.SignOutIFrameUrl }; return(View("LoggedOut", vm)); }
public async Task <LogoutViewModel> GetLogoutViewModelAsync(string logoutId, bool isUserAuthenticated) { var viewModel = new LogoutViewModel { LogoutId = logoutId, ShowLogoutPrompt = true }; if (!isUserAuthenticated) { viewModel.ShowLogoutPrompt = false; return(viewModel); } var context = await _interactionService.GetLogoutContextAsync(logoutId); if (!context.ShowSignoutPrompt) { viewModel.ShowLogoutPrompt = false; return(viewModel); } return(viewModel); }
public async Task <IActionResult> Logout(LogoutViewModel model) { var vm = await _account.BuildLoggedOutViewModelAsync(model.LogoutId); if (vm.TriggerExternalSignout) { string url = Url.Action("Logout", new { logoutId = vm.LogoutId }); try { await HttpContext.Authentication.SignOutAsync(vm.ExternalAuthenticationScheme, new AuthenticationProperties { RedirectUri = url }); } catch (NotSupportedException) { } catch (InvalidOperationException) { } } await _signInManager.SignOutAsync(); return(View("LoggedOut", vm)); }
public virtual Task<System.IO.Stream> Logout(IDictionary<string, object> env, LogoutViewModel model) { return Render(model, "logout"); }