/// <summary>
/// Builds the OIDC client for the demo authority and pre-computes the login
/// state and logout URL, enabling the sign-in and sign-out buttons as each
/// value becomes available.
/// </summary>
/// <remarks>
/// NOTE(review): this is <c>async void</c>, so callers cannot observe a failure of
/// the awaited calls. If either one throws, the statements after it never run and the
/// corresponding button stays disabled.
/// </remarks>
private async void PrepareClient()
{
    // The callback URI of the current application is used both as the sign-in
    // redirect target and as the post-logout redirect target.
    var callbackUri = WebAuthenticationBroker.GetCurrentApplicationCallbackUri().OriginalString;

    // Create options for endpoint discovery.
    // NOTE(review): ClientSecret is a literal compiled into the application, so anyone
    // who can read the shipped binary can read it; it does not authenticate the client.
    // That is acceptable against the public demo authority. For a real deployment,
    // confirm whether the app should be registered as a public client (authorization
    // code + PKCE) instead of carrying a secret.
    // NOTE(review): the "offline_access" scope asks for a refresh token; how it is
    // stored is not visible in this method.
    var clientOptions = new OidcClientOptions
    {
        Authority = "https://demo.identityserver.io",
        ClientId = "interactive.confidential",
        ClientSecret = "secret",
        Scope = "openid profile email api offline_access",
        RedirectUri = callbackUri,
        PostLogoutRedirectUri = callbackUri,
        ResponseMode = OidcClientOptions.AuthorizeResponseMode.Redirect,
        Flow = OidcClientOptions.AuthenticationFlow.AuthorizationCode
    };

    // Create the client. In a production application this is often created and
    // stored directly in the Application class.
    _oidcClient = new OidcClient(clientOptions);

    // Run discovery and prepare the request state (which contains the nonce) now,
    // before the user clicks the sign-in button. The web window has to be opened
    // while handling the user interaction (the button click); reaching the discovery
    // endpoint at that point would be too late and could trigger the browser's
    // popup blocker.
    _loginState = await _oidcClient.PrepareLoginAsync();
    btnSignin.IsEnabled = true;

    // Same for the logout URL: resolve it ahead of the click.
    var preparedLogoutUrl = await _oidcClient.PrepareLogoutAsync(new LogoutRequest());
    _logoutUrl = new Uri(preparedLogoutUrl);
    btnSignout.IsEnabled = true;
}
/// <summary>
/// Signs out a user: prepares the logout URL (passing the cached ID token as
/// <c>IdTokenHint</c> when one is available), clears the token cache, deletes the
/// stored refresh token, calls <c>GetUser()</c>, and then starts a secure navigation
/// to the logout URL.
/// </summary>
/// <remarks>
/// NOTE(review): the refresh token is only deleted from local protected storage here.
/// Nothing in this method revokes it at the authorization server, so confirm whether
/// the end-session endpoint does that or whether an explicit revocation call is needed.
/// NOTE(review): the local cleanup runs after <c>PrepareLogoutAsync</c>; if that call
/// throws, the cached tokens and the stored refresh token are left in place.
/// </remarks>
/// <returns>A task that completes once the logout navigation has been started.</returns>
public async virtual Task SignOut()
{
    await EnsureAuthService();

    // Look up the cached ID token; the hint stays null when the cache has none.
    string idTokenHint = null;
    var hasIdToken = await TokenCache.TryGet(IdTokenKey, out var cachedIdToken);
    if (hasIdToken)
    {
        idTokenHint = cachedIdToken.RawData;
    }

    // Build the logout URL before the local state is wiped, since the hint is
    // read from the cache that is cleared below.
    var logoutRequest = new LogoutRequest
    {
        IdTokenHint = idTokenHint,
    };
    var logoutUrl = await Client.PrepareLogoutAsync(logoutRequest);

    // Drop the locally held credentials: cached tokens first, then the refresh token.
    await TokenCache.Clear();
    await _protectedStorage.DeleteAsync(RefreshTokenKey);

    // Called after the tokens are removed; presumably refreshes the current user
    // state. TODO confirm against GetUser().
    await GetUser();

    // Finally hand over to the logout URL, with the configured post-logout
    // redirect URI as the second argument.
    var endSessionUri = new Uri(logoutUrl);
    var postLogoutUri = new Uri(Client.Options.PostLogoutRedirectUri);
    await StartSecureNavigation(endSessionUri, postLogoutUri);
}