示例#1
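        /// <summary>
        /// Validates whether the logged-in user has up-to-date info; if not, the principal is rejected
        /// and the user is signed out.
        /// </summary>
        /// <param name="context">Cookie validation context that carries the principal to check.</param>
        /// <returns>A task that completes once the principal has been accepted or rejected.</returns>
        public override async Task ValidatePrincipal(CookieValidatePrincipalContext context)
        {
            // Rejects the cookie principal and clears the sign-in state; shared by every failure path.
            async Task RejectAndSignOutAsync()
            {
                context.RejectPrincipal();
                await m_signInManager.SignOutAsync();
            }

            var userPrincipal = context.Principal;

            var lastChanged = userPrincipal?.Claims.FirstOrDefault(claim => claim.Type == CustomClaimTypes.LastUpdate);
            var id          = userPrincipal?.Claims.FirstOrDefault(claim => claim.Type == JwtClaimTypes.Subject);

            // Fail closed: a missing principal, a missing claim, or a subject that is not a valid
            // integer rejects the session instead of throwing out of the cookie validation pipeline.
            if (lastChanged == null
                || id == null
                || !int.TryParse(
                    id.Value,
                    System.Globalization.NumberStyles.Integer,
                    System.Globalization.CultureInfo.InvariantCulture,
                    out var userId))
            {
                await RejectAndSignOutAsync();

                return;
            }

            var result = m_userManager.ValidateLastChanged(userId, lastChanged.Value);

            if (result.HasError)
            {
                // Message template with arguments keeps the error code and message as separate
                // log fields instead of pre-formatting them into one string.
                m_logger.LogError("Code: {Code}, Message: {Message}", result.Error.Code, result.Error.Message);
            }

            // NOTE(review): an error is only logged; the accept/reject decision relies on result.Result.
            // Presumably Result is false whenever HasError is set, so errors fail closed; confirm
            // against ValidateLastChanged.
            if (result.Result)
            {
                return;
            }

            await RejectAndSignOutAsync();
        }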
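        /// <summary>
        /// Signs the current user out, then either triggers sign-out at an upstream identity provider
        /// or renders the logged-out view.
        /// </summary>
        /// <param name="logoutId">Logout identifier passed to <c>BuildLoggedOutViewModelAsync</c>.</param>
        /// <returns>
        /// A sign-out result for the external authentication scheme when the view model requests
        /// external sign-out; otherwise the logged-out view.
        /// </returns>
        /// <remarks>
        /// NOTE(review): no HTTP-method or anti-forgery attribute is visible on this action, and it signs
        /// out without a confirmation step. If it is reachable by a plain GET, a cross-site request can
        /// end a user's session; confirm how the route is protected.
        /// </remarks>
        public async Task<IActionResult> Logout(string logoutId)
        {
            // Identity can be null on a principal without identities, so both steps are null-conditional.
            if (User?.Identity?.IsAuthenticated == true)
            {
                await m_signInManager.SignOutAsync();

                //await m_loginManager.SignOutUser(HttpContext, int.Parse(User.GetSubjectId()), User.GetDisplayName()); //identity less logout
            }

            var vm = await BuildLoggedOutViewModelAsync(logoutId);

            // check if we need to trigger sign-out at an upstream identity provider
            if (vm.TriggerExternalSignout)
            {
                // build a return URL so the upstream provider will redirect back
                // to us after the user has logged out. this allows us to then
                // complete our single sign-out processing.
                var url = Url.Action("Logout", new { logoutId = vm.LogoutId });

                // this triggers a redirect to the external provider for sign-out
                return SignOut(new AuthenticationProperties { RedirectUri = url }, vm.ExternalAuthenticationScheme);
            }

            // Keep the post-logout redirect from the view model only when automatic redirect is on and
            // a URI is present; in every other case fall back to the configured default.
            // NOTE(review): presumably BuildLoggedOutViewModelAsync only yields a PostLogoutRedirectUri
            // that was validated for the client; verify, since the view may redirect to it.
            var keepRequestedRedirect = vm.AutomaticRedirectAfterSignOut && !string.IsNullOrEmpty(vm.PostLogoutRedirectUri);
            if (!keepRequestedRedirect)
            {
                vm.PostLogoutRedirectUri = m_returnUrlConfiguration.DefaultRedirectUrl;
            }

            return View(vm);
        }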