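/// <summary>
/// Validates that the logged-in user's cookie still reflects up-to-date account data;
/// if it does not, the principal is rejected and the user is signed out.
/// </summary>
/// <remarks>
/// The check fails closed: a missing claim, a subject claim that is not an integer, or a
/// negative validation result all end in <c>RejectPrincipal</c> followed by sign-out.
/// </remarks>
/// <param name="context">Cookie validation context carrying the principal to check.</param>
/// <returns>A task that completes once validation, and any sign-out, has finished.</returns>
public override async Task ValidatePrincipal(CookieValidatePrincipalContext context)
{
    var userPrincipal = context.Principal;
    var lastChanged = userPrincipal.Claims.FirstOrDefault(claim => claim.Type == CustomClaimTypes.LastUpdate);
    var id = userPrincipal.Claims.FirstOrDefault(claim => claim.Type == JwtClaimTypes.Subject);

    // TryParse rather than Parse: a subject claim that is not an integer is treated like a
    // missing claim (reject + sign out) instead of throwing out of the validation callback.
    if (lastChanged == null || id == null || !int.TryParse(id.Value, out var userId))
    {
        context.RejectPrincipal();
        await m_signInManager.SignOutAsync();
        return;
    }

    var result = m_userManager.ValidateLastChanged(userId, lastChanged.Value);

    if (result.HasError)
    {
        // NOTE(review): an error is only logged here; the decision below still depends on
        // result.Result alone. Confirm that Result is never true when HasError is set,
        // otherwise a failed check would leave the session valid.
        if (m_logger.IsEnabled(LogLevel.Error))
        {
            m_logger.LogError(string.Format("Code: {0}, Message: {1}", result.Error.Code, result.Error.Message));
        }
    }

    if (result.Result)
    {
        // Cookie data is current; keep the principal.
        return;
    }

    // Stale or unverifiable cookie: drop the principal and clear the sign-in.
    context.RejectPrincipal();
    await m_signInManager.SignOutAsync();
}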
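/// <summary>
/// Signs the current user out and renders the logged-out page, first redirecting to an
/// upstream identity provider when the view model asks for external sign-out.
/// </summary>
/// <param name="logoutId">Logout context identifier handed to <c>BuildLoggedOutViewModelAsync</c>.</param>
/// <returns>
/// A sign-out result for the external authentication scheme, or the logged-out view.
/// </returns>
public async Task<IActionResult> Logout(string logoutId)
{
    // NOTE(review): no HTTP-verb or antiforgery attribute is visible on this action from
    // here; confirm how it is exposed, since it ends the session as soon as it is invoked.

    // Identity is dereferenced null-safely as well, so a principal that carries no
    // identity is treated as "not authenticated" instead of throwing.
    if (User?.Identity?.IsAuthenticated == true)
    {
        await m_signInManager.SignOutAsync();
        //await m_loginManager.SignOutUser(HttpContext, int.Parse(User.GetSubjectId()), User.GetDisplayName()); //identity less logout
    }

    var vm = await BuildLoggedOutViewModelAsync(logoutId);

    // check if we need to trigger sign-out at an upstream identity provider
    if (vm.TriggerExternalSignout)
    {
        // Build a local return URL so the upstream provider redirects back to this action
        // after its own logout, which lets us complete single sign-out processing.
        var url = Url.Action("Logout", new { logoutId = vm.LogoutId });

        // this triggers a redirect to the external provider for sign-out
        return SignOut(new AuthenticationProperties { RedirectUri = url }, vm.ExternalAuthenticationScheme);
    }

    // NOTE(review): PostLogoutRedirectUri is presumably validated inside
    // BuildLoggedOutViewModelAsync; confirm, because the view may redirect to it.
    var keepRequestedRedirect = vm.AutomaticRedirectAfterSignOut
                                && !string.IsNullOrEmpty(vm.PostLogoutRedirectUri);

    if (!keepRequestedRedirect)
    {
        // Fall back to the configured default target in every other case.
        vm.PostLogoutRedirectUri = m_returnUrlConfiguration.DefaultRedirectUrl;
    }

    return View(vm);
}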