private string ValidateSid(NameValueCollection parameters)
{
var sidCookie = _sessionId.GetCookieValue();
if (sidCookie != null)
{
var sid = parameters[OidcConstants.EndSessionRequest.Sid];
if (sid != null)
{
if (TimeConstantComparer.IsEqual(sid, sidCookie))
{
_logger.LogDebug("sid validation successful");
return(sid);
}
else
{
_logger.LogError("sid in query string does not match sid from cookie");
}
}
else
{
_logger.LogError("No sid in query string");
}
}
else
{
_logger.LogError("No sid in cookie");
}
return(null);
}
