Exemplo n.º 1
0
        private async Task <bool> HandleSignOutAsync(AuthenticationProperties properties)
        {
            // Extract the OpenID Connect request from the ASP.NET Core context.
            // If it cannot be found or doesn't correspond to a logout request,
            // throw an InvalidOperationException.
            var request = Context.GetOpenIdConnectRequest();

            if (request == null || !request.IsLogoutRequest())
            {
                throw new InvalidOperationException("A logout response cannot be returned from this endpoint.");
            }

            // Note: if a response was already generated, throw an exception.
            var response = Context.GetOpenIdConnectResponse();

            if (response != null || Response.HasStarted)
            {
                throw new InvalidOperationException("A response has already been sent.");
            }

            Logger.LogTrace("A log-out operation was triggered: {Properties}.", properties.Items);

            // Prepare a new OpenID Connect response.
            response = new OpenIdConnectResponse();

            var notification = new ProcessSignoutResponseContext(Context, Scheme, Options, properties, request, response);
            await Provider.ProcessSignoutResponse(notification);

            if (notification.Result != null)
            {
                if (notification.Result.Handled)
                {
                    Logger.LogDebug("The sign-out response was handled in user code.");

                    return(true);
                }

                else if (notification.Result.Skipped)
                {
                    Logger.LogDebug("The default sign-out handling was skipped from user code.");

                    return(false);
                }
            }

            else if (notification.IsRejected)
            {
                Logger.LogError("The request was rejected with the following error: {Error} ; {Description}",
                                /* Error: */ notification.Error ?? OpenIdConnectConstants.Errors.InvalidRequest,
                                /* Description: */ notification.ErrorDescription);

                return(await SendLogoutResponseAsync(new OpenIdConnectResponse
                {
                    Error = notification.Error ?? OpenIdConnectConstants.Errors.InvalidRequest,
                    ErrorDescription = notification.ErrorDescription,
                    ErrorUri = notification.ErrorUri
                }));
            }

            return(await SendLogoutResponseAsync(response));
        }
 /// <summary>
 /// Represents an event called when processing a sign-out response.
 /// </summary>
 /// <param name="context">The context instance associated with this event.</param>
 /// <returns>A <see cref="Task"/> that can be used to monitor the asynchronous operation.</returns>
 public virtual Task ProcessSignoutResponse(ProcessSignoutResponseContext context)
 => OnProcessSignoutResponse(context);