private async Task <IdentityServer4.Quickstart.UI.LogoutViewModel> BuildLogoutViewModelAsync(string logoutId) { var vm = new IdentityServer4.Quickstart.UI.LogoutViewModel { LogoutId = logoutId, ShowLogoutPrompt = AccountOptions.ShowLogoutPrompt }; if (User?.Identity.IsAuthenticated != true) { // if the user is not authenticated, then just show logged out page vm.ShowLogoutPrompt = false; return(vm); } var context = await _interaction.GetLogoutContextAsync(logoutId); if (context?.ShowSignoutPrompt == false) { // it's safe to automatically sign-out vm.ShowLogoutPrompt = false; return(vm); } // show the logout prompt. this prevents attacks where the user // is automatically signed out by another malicious web page. return(vm); }
private async Task <LogoutViewModel> BuildLogoutViewModelAsync(string logoutId) { var vm = new LogoutViewModel { LogoutId = logoutId, ShowLogoutPrompt = AccountOptions.ShowLogoutPrompt }; if (User?.Identity.IsAuthenticated != true) { vm.ShowLogoutPrompt = false; return(vm); } var context = await _interaction.GetLogoutContextAsync(logoutId); if (context?.ShowSignoutPrompt == false) { vm.ShowLogoutPrompt = false; return(vm); } return(vm); }
public async Task <LogoutViewModel> BuildLogoutViewModelAsync(string logoutId) { var vm = new LogoutViewModel { LogoutId = logoutId, ShowLogoutPrompt = AccountOptions.ShowLogoutPrompt }; var user = await _httpContextAccessor.HttpContext.GetIdentityServerUserAsync(); if (user == null || user.Identity.IsAuthenticated == false) { vm.ShowLogoutPrompt = false; return(vm); } var context = await _interaction.GetLogoutContextAsync(logoutId); if (context?.ShowSignoutPrompt == false) { vm.ShowLogoutPrompt = false; return(vm); } return(vm); }