public async Task <IActionResult> Logout(string logoutId)
{
// build a model so the logout page knows what to display
var vm = await BuildLogoutViewModelAsync(logoutId);
var resultModel = new LogOutResultModel();
resultModel.ShowLogoutPrompt = vm.ShowLogoutPrompt;
resultModel.LogoutId = vm.LogoutId;
if (vm.ShowLogoutPrompt == false)
{
await HttpContext.SignOutAsync();
// no need to show prompt
return(await Logout(resultModel));
}
resultModel.Status = LogOutStatus.Prompt;
return(Ok(resultModel));
}
public async Task <IActionResult> Logout([FromBody] LogOutResultModel model)
{
// build a model so the logged out page knows what to display
var vm = await BuildLoggedOutViewModelAsync(model.LogoutId);
if (User?.Identity.IsAuthenticated == true)
{
// delete local authentication cookie
await HttpContext.SignOutAsync();
// raise the logout event
await _events.RaiseAsync(new UserLogoutSuccessEvent(User.GetSubjectId(), User.GetDisplayName()));
}
// check if we need to trigger sign-out at an upstream identity provider
if (vm.TriggerExternalSignout)
{
// build a return URL so the upstream provider will redirect back
// to us after the user has logged out. this allows us to then
// complete our single sign-out processing.
string url = Url.Page("Logout", new { logoutId = vm.LogoutId });
// this triggers a redirect to the external provider for sign-out
return(SignOut(new AuthenticationProperties {
RedirectUri = url
}, vm.ExternalAuthenticationScheme));
}
model.AutomaticRedirectAfterSignOut = vm.AutomaticRedirectAfterSignOut;
model.ClientName = vm.ClientName;
model.PostLogoutRedirectUri = vm.PostLogoutRedirectUri;
model.SignOutIframeUrl = vm.SignOutIframeUrl;
model.LogoutId = vm.LogoutId;
model.Status = LogOutStatus.LoggedOut;
return(Ok(model));
}
