public async Task <IActionResult> Logout(LogoutViewModel model)
{
var idp = User?.FindFirst(JwtClaimTypes.IdentityProvider)?.Value;
if (idp != null && idp != IdentityServerConstants.LocalIdentityProvider)
{
if (model.LogoutId == null)
{
// if there's no current logout context, we need to create one
// this captures necessary info from the current logged in user
// before we signout and redirect away to the external IdP for signout
model.LogoutId = await _interaction.CreateLogoutContextAsync();
}
string url = "/Account/Logout?logoutId=" + model.LogoutId;
try
{
// hack: try/catch to handle social providers that throw
await HttpContext.SignOutAsync(idp, new AuthenticationProperties
{
RedirectUri = url
});
}
catch (Exception ex)
{
_logger.LogCritical(ex.Message);
}
}
// delete authentication cookie
await HttpContext.SignOutAsync();
// set this so UI rendering sees an anonymous user
HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity());
// get context information (client name, post logout redirect URI and iframe for federated signout)
var logout = await _interaction.GetLogoutContextAsync(model.LogoutId);
return(Redirect(logout?.PostLogoutRedirectUri));
}
public async Task <IActionResult> Logout(LogoutViewModel model)
{
var result = await BuildLoggedOutViewModelAsync(model.LogoutId);
if (User?.Identity.IsAuthenticated == true)
{
await SecurityService.SignOutAsync();
}
if (result.TriggerExternalSignout)
{
string url = Url.Action("Logout", new { logoutId = result.LogoutId });
return(SignOut(new AuthenticationProperties {
RedirectUri = url
}, result.ExternalAuthenticationScheme));
}
if (result.PostLogoutRedirectUri.IsEmpty())
{
return(View());
}
return(Redirect(result.PostLogoutRedirectUri));
}
private async Task <LogoutViewModel> BuildLogoutViewModelAsync(string logoutId)
{
var vm = new LogoutViewModel {
LogoutId = logoutId, ShowLogoutPrompt = AccountOptions.ShowLogoutPrompt
};
if (User?.Identity.IsAuthenticated != true)
{
vm.ShowLogoutPrompt = false;
return(vm);
}
var context = await _interaction.GetLogoutContextAsync(logoutId);
if (context?.ShowSignoutPrompt == false)
{
vm.ShowLogoutPrompt = false;
return(vm);
}
return(vm);
}
public async Task <IActionResult> Logout(string logoutId)
{
if (User.Identity.IsAuthenticated == false)
{
return(await Logout(new LogoutViewModel { LogoutId = logoutId }));
}
var context = await _interaction.GetLogoutContextAsync(logoutId);
if (context?.ShowSignoutPrompt == false)
{
return(await Logout(new LogoutViewModel { LogoutId = logoutId }));
}
var vm = new LogoutViewModel
{
LogoutId = logoutId
};
return(View(vm));
}
public async Task <IActionResult> Logout(LogoutViewModel model)
{
// delete authentication cookie
await _signInManager.SignOutAsync();
// get context information (client name, post logout redirect URI and iframe for federated signout)
var logout = await _interaction.GetLogoutContextAsync(model.LogoutId);
if (!string.IsNullOrEmpty(logout?.PostLogoutRedirectUri))
{
Redirect(logout.PostLogoutRedirectUri);
}
var vm = new LoggedOutViewModel
{
PostLogoutRedirectUri = logout?.PostLogoutRedirectUri,
ClientName = logout?.ClientId,
SignOutIframeUrl = logout?.SignOutIFrameUrl
};
return(View("LoggedOut", vm));
}
public async Task <IActionResult> logout(LogoutViewModel model)
{
DateTime dtBeforeCalling = DateTime.Now;
AdminRequestLog log = new AdminRequestLog();
log.UserIP = Utilities.GetUserIPAddress();
log.ServerIP = Utilities.GetInternalServerIP();
log.UserAgent = Utilities.GetUserAgent();
log.PageName = "logout";
log.PageURL = "/logout";
//log.ApiURL = Utilities.GetCurrentURL(httpContext);
log.MethodName = "logout";
log.UserID = User.GetUserId();
log.UserName = User.GetUserName();
var output = new Output <string>();
try
{
output.ErrorCode = Output <string> .ErrorCodes.Success;
output.ErrorDescription = ResourcesHepler.GetMessage("Success", model.Language);
await SignInManager.SignOutAsync();
log.ServiceResponseTimeInSeconds = DateTime.Now.Subtract(dtBeforeCalling).TotalSeconds;
log.ErrorDescription = output.ErrorDescription;
log.ErrorCode = (int)output.ErrorCode;
LogService.AddAdminRequestLogs(log);
return(Ok(output));
}
catch (Exception ex)
{
output.ErrorCode = Output <string> .ErrorCodes.ServerException;
output.ErrorDescription = ResourcesHepler.GetMessage("ServerError", model.Language);
log.ServiceResponseTimeInSeconds = DateTime.Now.Subtract(dtBeforeCalling).TotalSeconds;
log.ErrorDescription = ex.ToString();
log.ErrorCode = (int)output.ErrorCode;
LogService.AddAdminRequestLogs(log);
return(Ok(output));
}
}
private IHttpActionResult RenderLogoutPromptPage(string id)
{
var logout_url = context.GetIdentityServerLogoutUrl();
if (id.IsPresent())
{
logout_url += "?id=" + id;
}
var logoutModel = new LogoutViewModel
{
SiteName = options.SiteName,
SiteUrl = context.GetIdentityServerBaseUrl(),
CurrentUser = context.GetCurrentUserDisplayName(),
LogoutUrl = logout_url,
AntiForgery = antiForgeryToken.GetAntiForgeryToken(),
};
var message = signOutMessageCookie.Read(id);
return(new LogoutActionResult(viewService, logoutModel, message));
}
public async Task <IActionResult> Logout(string logoutId)
{
var item = CultureInfo.CurrentCulture;
var item2 = CultureInfo.CurrentUICulture;
if (User.Identity.IsAuthenticated == false)
{
// if the user is not authenticated, then just show logged out page
return(await Logout(new LogoutViewModel { LogoutId = logoutId }));
}
var context = await _interaction.GetLogoutContextAsync(logoutId);
if (context == null)
{
_logger.LogWarning($"Logout context is null: {logoutId}");
}
if (context != null && context.ShowSignoutPrompt == true)
{
_logger.LogInformation("Context is asking us to show the logout prompt.");
}
if (context?.ShowSignoutPrompt == false)
{
// it's safe to automatically sign-out
return(await Logout(new LogoutViewModel { LogoutId = logoutId }));
}
// show the logout prompt. this prevents attacks where the user
// is automatically signed out by another malicious web page.
var vm = new LogoutViewModel
{
LogoutId = logoutId
};
return(View(vm));
}
public async Task <LogoutViewModel> BuildLogoutViewModelAsync(string logoutId)
{
var vm = new LogoutViewModel {
LogoutId = logoutId, ShowLogoutPrompt = AccountOptions.ShowLogoutPrompt
};
var user = await _httpContextAccessor.HttpContext.GetIdentityServerUserAsync();
if (user == null || user.Identity.IsAuthenticated == false)
{
vm.ShowLogoutPrompt = false;
return(vm);
}
var context = await _interaction.GetLogoutContextAsync(logoutId);
if (context?.ShowSignoutPrompt == false)
{
vm.ShowLogoutPrompt = false;
return(vm);
}
return(vm);
}
private async Task <LogoutViewModel> BuildLogoutViewModelAsync(string logoutId)
{
var vm = new LogoutViewModel {
LogoutId = logoutId
};
if (!User.IsAuthenticated())
{
// if the user is not authenticated, then just show logged out page
vm.ShowLogoutPrompt = false;
return(vm);
}
var context = await _interaction.GetLogoutContextAsync(logoutId);
if (context?.ShowSignoutPrompt == false)
{
vm.ShowLogoutPrompt = false;
return(vm);
}
return(vm);
}
public async Task <IActionResult> Logout(string logoutId)
{
if (User.Identity.IsAuthenticated == false)
{
return(await Logout(new LogoutViewModel { LogoutId = logoutId }));
}
var context = await _interaction.GetLogoutContextAsync(logoutId);
if (context?.ShowSignoutPrompt == false)
{
return(await Logout(new LogoutViewModel { LogoutId = logoutId }));
}
// show the logout prompt. this prevents attacks where the user
// is automatically signed out by another malicious web page.
var vm = new LogoutViewModel
{
LogoutId = logoutId
};
return(View(vm));
}
public async Task <LogoutViewModel> GetLogoutView(string logoutId)
{
var user = _httpContextAccessor.HttpContext.User;
var vm = new LogoutViewModel
{
LogoutId = logoutId,
ShowLogoutPrompt = user?.Identity.IsAuthenticated ?? false,
Referrer = _httpContextAccessor.HttpContext.Request.Headers["Referer"]
};
if (vm.ShowLogoutPrompt)
{
var context = await _interaction.GetLogoutContextAsync(logoutId);
if (context != null)
{
vm.ClientName = context.ClientName;
vm.ActiveClients = context.ClientIds?.ToArray();
}
}
return(vm);
}
public async Task <IActionResult> Logout(LogoutViewModel model)
{
try
{
AppUsers user = await _iDomain.GetUserById(User.Identity.Name);
var unlinkToken = _iDomain.UnlinkFCMToken(model.fcm_token);
_uow.SaveChanges();
_logger.CustomProperties(user).Info("Login user");
return(Ok(unlinkToken));
}
catch (Exception e)
{
_logger.Error(e);
return(Error(new ApiResult()
{
Code = ResultCode.UnknownError,
Message = ResultCode.UnknownError.DisplayName() + ": " + e.Message
}));
}
}
private async Task <LogoutViewModel> BuildLogoutViewModelAsync(string logoutId)
{
var vm = new LogoutViewModel {
LogoutId = logoutId, ShowLogoutPrompt = AccountOptions.ShowLogoutPrompt
};
if (User?.Identity.IsAuthenticated != true)
{
// if the user is not authenticated, then just show logged out page
vm.ShowLogoutPrompt = false;
return(vm);
}
var context = await _interaction.GetLogoutContextAsync(logoutId);
if (context?.ShowSignoutPrompt == false)
{
// it's safe to automatically sign-out
vm.ShowLogoutPrompt = false;
return(vm);
}
return(vm);
}
public async Task <IActionResult> Logout(string logoutId)
{
if (User.Identity.IsAuthenticated == false)
{
// if the user is not authenticated, then just show logged out page
return(await Logout(new LogoutViewModel { LogoutId = logoutId }));
}
var context = await _interaction.GetLogoutContextAsync(logoutId);
if (context?.ShowSignoutPrompt == false)
{
// if the logout request is authenticated, it's safe to automatically sign-out
return(await Logout(new LogoutViewModel { LogoutId = logoutId }));
}
var vm = new LogoutViewModel
{
LogoutId = logoutId
};
return(View(vm));
}
public virtual Task <Stream> Logout(LogoutViewModel model, SignOutMessage message)
{
if (model == null)
{
throw new ArgumentNullException(nameof(model));
}
// Based on current InvokeLogOut Middleware, this method will not be called, because of context.Authentication.SignOut("custom", "Bearer"); code.
string content = $@"<!DOCTYPE html>
<html>
<body>
<form id='logoutForm' method='post' action='{model.LogoutUrl}'>
<input type='hidden' name='{model.AntiForgery.Name}' value='{model.AntiForgery.Value}'>
</form>
<script>
document.getElementById('logoutForm').submit();
</script>
</body>
</html>";
return(ReturnHtmlAsync(content, OwinContext.Request.CallCancelled));
}
/// <summary>
/// Get Login By UserId
/// </summary>
/// <param name="userId"></param>
/// <returns></returns>
public LogoutViewModel GetLoginByUserId(string userId)
{
LogoutViewModel loginLogout = null;
try
{
loginLogout = (from l in db.AspNetLoginOffs.Where(a => a.UserID == userId)
orderby l.Login descending
select new LogoutViewModel()
{
LoginLogoutID = l.LoginLogoutID,
UserID = l.UserID,
Login = l.Login,
DeviceID = l.DeviceId,
}).FirstOrDefault();
return(loginLogout);
}
catch
{
return(loginLogout);
}
}
public async Task <LogoutViewModel> BuildLogoutViewModelAsync(string logoutId)
{
var viewModel = new LogoutViewModel {
LogoutId = logoutId, ShowLogoutPrompt = AccountOptions.ShowLogoutPrompt
};
var user = _httpContextAccessor.HttpContext.User;
if (user?.Identity.IsAuthenticated != true)
{
viewModel.ShowLogoutPrompt = false;
return(viewModel);
}
var context = await _interaction.GetLogoutContextAsync(logoutId);
if (context?.ShowSignoutPrompt == false)
{
viewModel.ShowLogoutPrompt = false;
return(viewModel);
}
return(viewModel);
}
public async Task <IActionResult> Logout(LogoutViewModel model)
{
// build a model so the logged out page knows what to display
var vm = await BuildLoggedOutViewModelAsync(model.LogoutId);
if (User?.Identity.IsAuthenticated == true)
{
// delete local authentication cookie
await _signInManager.SignOutAsync();
// raise the logout event
await _events.RaiseAsync(new UserLogoutSuccessEvent(User.GetSubjectId(), User.GetDisplayName()));
}
// check if we need to trigger sign-out at an upstream identity provider
if (vm.TriggerExternalSignout)
{
// build a return URL so the upstream provider will redirect back
// to us after the user has logged out. this allows us to then
// complete our single sign-out processing.
string url = Url.Action("Logout", new { logoutId = vm.LogoutId });
// this triggers a redirect to the external provider for sign-out
return(SignOut(new AuthenticationProperties {
RedirectUri = url
}, vm.ExternalAuthenticationScheme));
}
if (string.IsNullOrWhiteSpace(vm.PostLogoutRedirectUri))
{
return(View("LoggedOut", vm));
}
else
{
return(Redirect(vm.PostLogoutRedirectUri));
}
}
public async Task <IActionResult> Logout(LogoutViewModel model)
{
var idp = User?.FindFirst(JwtClaimTypes.IdentityProvider)?.Value;
if (idp != null && idp != IdentityServerConstants.LocalIdentityProvider)
{
if (model.LogoutId == null)
{
model.LogoutId = await _interaction.CreateLogoutContextAsync();
}
string url = "/Account/Logout?logoutId=" + model.LogoutId;
try
{
await HttpContext.SignOutAsync(idp, new AuthenticationProperties
{
RedirectUri = url
});
}
catch (Exception ex)
{
_logger.LogError(ex, "LOGOUT ERROR: {ExceptionMessage}", ex.Message);
}
}
// delete authentication cookie
await HttpContext.SignOutAsync();
await HttpContext.SignOutAsync(IdentityConstants.ApplicationScheme);
HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity());
var logout = await _interaction.GetLogoutContextAsync(model.LogoutId);
return(Redirect(logout?.PostLogoutRedirectUri));
}
public async Task <IActionResult> Logout(string logoutId)
{
Console.WriteLine("Test 1");
Console.WriteLine(User.Identity);
Console.WriteLine(User.Identity.IsAuthenticated);
if (User.Identity.IsAuthenticated == false)
{
// if the user is not authenticated, then just show logged out page
Console.WriteLine("Test 2");
Console.WriteLine(logoutId);
return(await Logout(new LogoutViewModel { LogoutId = logoutId }));
}
//Test for Xamarin.
Console.WriteLine("Test 3");
var context = await _interaction.GetLogoutContextAsync(logoutId);
Console.WriteLine("Test 4");
if (context?.ShowSignoutPrompt == false)
{
Console.WriteLine("Test 5");
//it's safe to automatically sign-out
return(await Logout(new LogoutViewModel { LogoutId = logoutId }));
}
// show the logout prompt. this prevents attacks where the user
// is automatically signed out by another malicious web page.
var vm = new LogoutViewModel
{
LogoutId = logoutId
};
Console.WriteLine("Test 6");
Console.WriteLine(logoutId);
return(View(vm));
}
public async Task <IActionResult> Logout(LogoutViewModel model)
{
var idp = User?.FindFirst(JwtClaimTypes.IdentityProvider)?.Value;
if (idp != null && idp != "local")
{
string url = "/Account/Logout?logoutId=" + model.LogoutId;
try
{
await HttpContext.Authentication.SignOutAsync(idp, new AuthenticationProperties { RedirectUri = url });
}
catch (Exception ex)
{
_logger.LogError("Cannot sign out! IDP : {0}. Reason : {1}", idp, ex);
}
}
// delete authentication cookie
await HttpContext.Authentication.SignOutAsync();
// await HttpContext.Authentication.CustomHandleSignOutAsync(Request, Response, null);
// set this so UI rendering sees an anonymous user
HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity());
// get context information (client name, post logout redirect URI and iframe for federated signout)
var logout = await _interaction.GetLogoutContextAsync(model.LogoutId);
var vm = new LoggedOutViewModel
{
PostLogoutRedirectUri = logout?.PostLogoutRedirectUri,
ClientName = logout?.ClientId,
SignOutIframeUrl = logout?.SignOutIFrameUrl
};
return(View("LoggedOut", vm));
}
public async Task<IActionResult> Logout(LogoutViewModel model)
{
var subjectId = User?.Identity?.GetSubjectId();
if ( model.LogoutId == null)
{
model.LogoutId = await _interaction.CreateLogoutContextAsync();
}
// delete authentication cookie
await _signInManager.SignOutAsync();
// set this so UI rendering sees an anonymous user
HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity());
// get context information (client name, post logout redirect URI and iframe for federated signout)
var logout = await _interaction.GetLogoutContextAsync(model.LogoutId);
if (!string.IsNullOrEmpty(logout?.PostLogoutRedirectUri))
return Redirect(logout.PostLogoutRedirectUri);
return RedirectToAction(nameof(Login));
}
private async Task <LogoutViewModel> BuildLogoutViewModelAsync(string logoutId)
{
var vm = new LogoutViewModel {
LogoutId = logoutId
};
if (User?.Identity.IsAuthenticated != true)
{
// if the user is not authenticated, then just show logged out page
return(vm);
}
var context = await interaction.GetLogoutContextAsync(logoutId);
if (context?.ShowSignoutPrompt == false)
{
// it's safe to automatically sign-out
return(vm);
}
// show the logout prompt. this prevents attacks where the user
// is automatically signed out by another malicious web page.
return(vm);
}
public async Task <ActionResult> Post([FromBody] LogoutViewModel logoutViewModel)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var username = User.Identity.Name;
ApplicationUserToken?token = this.securityDb.ApplicationUserTokens.FirstOrDefault(x => x.Name == username && x.Jti == logoutViewModel.Jti);
if (token != null)
{
this.securityDb.ApplicationUserTokens.Remove(token);
await this.securityDb.SaveChangesAsync();
var s = await redisService.Get(token.Name);
await redisService.RemoveJti(username, logoutViewModel.Jti);
}
return(Ok());
}
//[ValidateAntiForgeryToken]
public async Task <IActionResult> Logout(LogoutViewModel viewModel)
{
var context = await _identityServerInteractionService.GetLogoutContextAsync(viewModel.logoutId);
//await HttpContext.SignOutAsync(IdentityServerConstants.DefaultCookieAuthenticationScheme);第一种注销
//第二种注销
var user = HttpContext.User;
if (user?.Identity.IsAuthenticated == true)
{
//删除本地授权Cookies
await HttpContext.SignOutAsync();
await _events.RaiseAsync(new UserLogoutSuccessEvent(user.GetSubjectId(), user.GetDisplayName()));
}
if (context != null)
{
if (!string.IsNullOrWhiteSpace(context.PostLogoutRedirectUri))
{
return(Redirect(context.PostLogoutRedirectUri));
}
if (viewModel.ShowSignoutPrompt)
{
//如果进入确认页面
var client = await _clientStore.FindClientByIdAsync(context.ClientId);
return(Redirect(client?.PostLogoutRedirectUris.FirstOrDefault() ?? "~/"));
}
}
var refererUrl = Request.Headers["Referer"].ToString();
return(Redirect(refererUrl));
}
public async Task <IActionResult> Logout(string logoutId)
{
if (User.Identity.IsAuthenticated == false)
{
// if the user is not authenticated, then just show logged out page
//return await Logout(new LogoutViewModel { LogoutId = logoutId });
string logoutRedirectUri;
if (_env.IsDevelopment())
{
logoutRedirectUri = _configuration.GetValue <string>("WebServerLocal");
}
else
{
logoutRedirectUri = _configuration.GetValue <string>("WebServer");
}
return(Redirect(logoutRedirectUri));
}
//Test for Xamarin.
var context = await _interaction.GetLogoutContextAsync(logoutId);
if (context?.ShowSignoutPrompt == false)
{
//it's safe to automatically sign-out
return(await Logout(new LogoutViewModel { LogoutId = logoutId }));
}
// show the logout prompt. this prevents attacks where the user
// is automatically signed out by another malicious web page.
var vm = new LogoutViewModel
{
LogoutId = logoutId
};
return(View(vm));
}
public async Task <IActionResult> Logout(LogoutViewModel model)
{
// delete authentication cookie
await HttpContext.Authentication.SignOutAsync();
// set this so UI rendering sees an anonymous user
HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity());
// get context information (client name, post logout redirect URI and iframe for federated signout)
var logout = await _interaction.GetLogoutContextAsync(model.LogoutId);
var authenticationManager = HttpContext.Authentication;
authenticationManager.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme).Wait();
var vm = new LoggedOutViewModel
{
PostLogoutRedirectUri = logout?.PostLogoutRedirectUri,
ClientName = logout?.ClientId,
SignOutIframeUrl = logout?.SignOutIFrameUrl
};
return(View("LoggedOut", vm));
}
public async Task <LogoutViewModel> GetLogoutViewModelAsync(string logoutId, bool isUserAuthenticated)
{
var viewModel = new LogoutViewModel
{
LogoutId = logoutId,
ShowLogoutPrompt = true
};
if (!isUserAuthenticated)
{
viewModel.ShowLogoutPrompt = false;
return(viewModel);
}
var context = await _interactionService.GetLogoutContextAsync(logoutId);
if (!context.ShowSignoutPrompt)
{
viewModel.ShowLogoutPrompt = false;
return(viewModel);
}
return(viewModel);
}
public async Task <IActionResult> Logout(LogoutViewModel model)
{
var vm = await _account.BuildLoggedOutViewModelAsync(model.LogoutId);
if (vm.TriggerExternalSignout)
{
string url = Url.Action("Logout", new { logoutId = vm.LogoutId });
try
{
await HttpContext.Authentication.SignOutAsync(vm.ExternalAuthenticationScheme,
new AuthenticationProperties { RedirectUri = url });
}
catch (NotSupportedException)
{
}
catch (InvalidOperationException)
{
}
}
await _signInManager.SignOutAsync();
return(View("LoggedOut", vm));
}
public virtual Task<System.IO.Stream> Logout(IDictionary<string, object> env, LogoutViewModel model)
{
return Render(model, "logout");
}
