private async Task <LoggedOutViewModel> BuildLoggedOutViewModelAsync(string logoutId)
{
// 获取上下文信息(联合注销的客户端名称,发布注销重定向URI和iframe)
var logout = await _interaction.GetLogoutContextAsync(logoutId);
var vm = new LoggedOutViewModel
{
AutomaticRedirectAfterSignOut = AccountOptions.AutomaticRedirectAfterSignOut,
PostLogoutRedirectUri = logout?.PostLogoutRedirectUri,
ClientName = string.IsNullOrEmpty(logout?.ClientName) ? logout?.ClientId : logout?.ClientName,
SignOutIframeUrl = logout?.SignOutIFrameUrl,
LogoutId = logoutId
};
if (User?.Identity.IsAuthenticated == true)
{
var idp = User.FindFirst(JwtClaimTypes.IdentityProvider)?.Value;
if (idp != null && idp != IdentityServer4.IdentityServerConstants.LocalIdentityProvider)
{
var providerSupportsSignout = await HttpContext.GetSchemeSupportsSignOutAsync(idp);
if (providerSupportsSignout)
{
if (vm.LogoutId == null)
{
// 如果没有当前的注销上下文,我们需要创建一个
// 这会捕获当前登录用户的必要信息
// 在我们退出并重定向到外部IdP以进行注销之前
vm.LogoutId = await _interaction.CreateLogoutContextAsync();
}
vm.ExternalAuthenticationScheme = idp;
}
}
}
return(vm);
}
private async Task <LoggedOutViewModel> BuildLoggedOutViewModelAsync(string logoutId)
{
// get context information (client name, post logout redirect URI and iframe for federated signout)
var logout = await _interaction.GetLogoutContextAsync(logoutId);
var vm = new LoggedOutViewModel
{
AutomaticRedirectAfterSignOut = AccountOptions.AutomaticRedirectAfterSignOut,
PostLogoutRedirectUri = logout?.PostLogoutRedirectUri,
ClientName = string.IsNullOrEmpty(logout?.ClientName) ? logout?.ClientId : logout?.ClientName,
SignOutIframeUrl = logout?.SignOutIFrameUrl,
LogoutId = logoutId
};
if (User?.Identity.IsAuthenticated == true)
{
var idp = User.FindFirst(JwtClaimTypes.IdentityProvider)?.Value;
if (idp != null && idp != IdentityServer4.IdentityServerConstants.LocalIdentityProvider)
{
var providerSupportsSignout = await HttpContext.GetSchemeSupportsSignOutAsync(idp);
if (providerSupportsSignout)
{
if (vm.LogoutId == null)
{
// if there's no current logout context, we need to create one
// this captures necessary info from the current logged in user
// before we signout and redirect away to the external IdP for signout
vm.LogoutId = await _interaction.CreateLogoutContextAsync();
}
vm.ExternalAuthenticationScheme = idp;
}
}
}
return(vm);
}
private async Task <IHttpActionResult> RenderLoggedOutPage(string id)
{
Logger.Info("rendering logged out page");
var baseUrl = context.GetIdentityServerBaseUrl();
var iframeUrls = options.RenderProtocolUrls(baseUrl, sessionCookie.GetSessionId());
var message = signOutMessageCookie.Read(id);
var redirectUrl = message != null ? message.ReturnUrl : null;
var clientName = await clientStore.GetClientName(message);
var loggedOutModel = new LoggedOutViewModel
{
SiteName = options.SiteName,
SiteUrl = baseUrl,
IFrameUrls = iframeUrls,
ClientName = clientName,
RedirectUrl = redirectUrl,
AutoRedirect = options.AuthenticationOptions.EnablePostSignOutAutoRedirect,
AutoRedirectDelay = options.AuthenticationOptions.PostSignOutAutoRedirectDelay
};
return(new LoggedOutActionResult(viewService, loggedOutModel, message));
}
public async Task <IActionResult> Logout(LogoutViewModel model)
{
var idp = User?.FindFirst(JwtClaimTypes.IdentityProvider)?.Value;
if (idp != null && idp != "local")
{
string url = "/Account/Logout?logoutId=" + model.LogoutId;
try
{
await HttpContext.Authentication.SignOutAsync(idp, new AuthenticationProperties { RedirectUri = url });
}
catch (Exception ex)
{
_logger.LogError("Cannot sign out! IDP : {0}. Reason : {1}", idp, ex);
}
}
// delete authentication cookie
await HttpContext.Authentication.SignOutAsync();
// await HttpContext.Authentication.CustomHandleSignOutAsync(Request, Response, null);
// set this so UI rendering sees an anonymous user
HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity());
// get context information (client name, post logout redirect URI and iframe for federated signout)
var logout = await _interaction.GetLogoutContextAsync(model.LogoutId);
var vm = new LoggedOutViewModel
{
PostLogoutRedirectUri = logout?.PostLogoutRedirectUri,
ClientName = logout?.ClientId,
SignOutIframeUrl = logout?.SignOutIFrameUrl
};
return(View("LoggedOut", vm));
}
public async Task <IActionResult> Logout(LogoutViewModel model)
{
// delete authentication cookie
await HttpContext.Authentication.SignOutAsync();
// set this so UI rendering sees an anonymous user
HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity());
// get context information (client name, post logout redirect URI and iframe for federated signout)
var logout = await _interaction.GetLogoutContextAsync(model.LogoutId);
var authenticationManager = HttpContext.Authentication;
authenticationManager.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme).Wait();
var vm = new LoggedOutViewModel
{
PostLogoutRedirectUri = logout?.PostLogoutRedirectUri,
ClientName = logout?.ClientId,
SignOutIframeUrl = logout?.SignOutIFrameUrl
};
return(View("LoggedOut", vm));
}
/// <summary>
/// Loads the HTML for the logged out page informing the user that they have successfully logged out.
/// </summary>
/// <param name="model">
/// The model.
/// </param>
/// <returns>
/// The <see cref="ActionResult"/>.
/// </returns>
public ActionResult LoggedOut(LoggedOutViewModel model)
{
return(this.View(model));
}
/// <summary>
/// Loads the HTML for the logged out page informing the user that they have successfully logged out.
/// </summary>
/// <param name="model">The model.</param>
/// <param name="message">The message.</param>
/// <returns>
/// Stream for the HTML
/// </returns>
public virtual Task <Stream> LoggedOut(LoggedOutViewModel model, SignOutMessage message)
{
return(Render(model, LoggedOutView));
}
public Task <Stream> LoggedOut(LoggedOutViewModel model, SignOutMessage message)
{
return(Render(model, "loggedOut"));
}
public virtual Task<System.IO.Stream> LoggedOut(IDictionary<string, object> env, LoggedOutViewModel model)
{
return Render(model, "loggedOut");
}
public async Task <Stream> LoggedOut(LoggedOutViewModel model, SignOutMessage message)
{
return(await Render(model, "LoggedOut"));
}
public LoggedOutActionResult(IViewService viewSvc, IDictionary <string, object> env, LoggedOutViewModel model)
: base(async() => await viewSvc.LoggedOut(env, model))
{
if (viewSvc == null)
{
throw new ArgumentNullException("viewSvc");
}
if (env == null)
{
throw new ArgumentNullException("env");
}
if (model == null)
{
throw new ArgumentNullException("model");
}
}
public IActionResult LoggedOut(LoggedOutViewModel model)
{
return(View(model));
}
public Task <Stream> LoggedOut(LoggedOutViewModel model, SignOutMessage message)
{
return(Task.FromResult(RunTemplate("loggedout", model, message?.ClientId)));
}
public void OnGet(LoggedOutViewModel loggedOutViewModel)
{
LoggedOutViewModel = loggedOutViewModel;
}
public virtual Task <System.IO.Stream> LoggedOut(IDictionary <string, object> env, LoggedOutViewModel model)
{
return(Render(model, "loggedOut"));
}
/// <summary>
/// Loads the HTML for the logged out page informing the user that they have successfully logged out.
/// </summary>
/// <param name="model">The model.</param>
/// <returns>
/// Stream for the HTML
/// </returns>
public virtual Task <Stream> LoggedOut(LoggedOutViewModel model)
{
return(Render(model, "loggedOut"));
}
/// <summary>
/// Перегруженная версия функции <see cref="DefaultViewService.LoggedOut(LoggedOutViewModel, SignOutMessage)"/>,
/// из которой удалено вывод имени клиента.
/// </summary>
/// <param name="model">
/// Объект <see cref="LoggedOutViewModel"/>, содержит имя клиента, которое в методе приравнивается null.
/// </param>
/// <param name="message">Объект <see cref="SignOutMessage"/>.</param>
/// <returns>
/// Возвращаемое значение базового класса <see cref="DefaultViewService"/>, на вход которого
/// подаётся модель <see cref="LoggedOutViewModel"/> с отстутствующим именем клиента.
/// </returns>
public override Task <Stream> LoggedOut(LoggedOutViewModel model, SignOutMessage message)
{
model.ClientName = null;
return(base.LoggedOut(model, message));
}
