public async Task <IEndpointResult> ProcessAsync(HttpContext context)
{
NameValueCollection parameters;
if (HttpMethods.IsGet(context.Request.Method))
{
parameters = context.Request.Query.AsNameValueCollection();
}
else if (HttpMethods.IsPost(context.Request.Method))
{
parameters = (await context.Request.ReadFormAsync()).AsNameValueCollection();
}
else
{
_logger.LogWarning("Invalid HTTP method for end session endpoint.");
return(new StatusCodeResult(HttpStatusCode.MethodNotAllowed));
}
var user = await _userSession.GetUserAsync();
_logger.LogDebug("Processing signout request for {subjectId}", user?.GetSubjectId() ?? "anonymous");
var result = await _endSessionRequestValidator.ValidateAsync(parameters, user);
if (result.IsError)
{
_logger.LogError("Error processing end session request {error}", result.Error);
}
else
{
_logger.LogDebug("Success validating end session request from {clientId}", result.ValidatedRequest?.Client?.ClientId);
}
return(new EndSessionResult(result));
}
private async Task <IEndpointResult> ProcessSignoutAsync(IdentityServerContext context)
{
_logger.LogInformation("Processing singout request");
NameValueCollection parameters = null;
if (context.HttpContext.Request.Method == "GET")
{
parameters = context.HttpContext.Request.Query.AsNameValueCollection();
}
else if (context.HttpContext.Request.Method == "POST")
{
parameters = context.HttpContext.Request.Form.AsNameValueCollection();
}
else
{
_logger.LogWarning("Invalid HTTP method for end session endpoint.");
return(new StatusCodeResult(HttpStatusCode.MethodNotAllowed));
}
var user = await _context.GetIdentityServerUserAsync();
var result = await _endSessionRequestValidator.ValidateAsync(parameters, user);
return(await CreateLogoutPageRedirectAsync(result));
}
