public virtual Task DeleteAsync(string id)
{
using var activity = Tracing.StoreActivitySource.StartActivity("ConsentMessageStore.Delete");
Cookie.Clear(id);
return(Task.CompletedTask);
}
public async Task <IHttpActionResult> Logout(string id = null)
{
var user = (ClaimsPrincipal)User;
if (user != null && user.Identity.IsAuthenticated)
{
var sub = user.GetSubjectId();
Logger.InfoFormat("Logout requested for subject: {0}", sub);
}
sessionCookie.ClearSessionId();
signOutMessageCookie.Clear(id);
ClearAuthenticationCookies();
SignOutOfExternalIdP();
if (user != null && user.Identity.IsAuthenticated)
{
await this.userService.SignOutAsync(user);
var message = signOutMessageCookie.Read(id);
eventService.RaiseLogoutEvent(user, id, message);
}
return(await RenderLoggedOutPage(id));
}
private void IssueAuthenticationCookie(string signInMessageId, AuthenticateResult authResult, bool?rememberMe = null)
{
if (authResult == null)
{
throw new ArgumentNullException("authResult");
}
if (authResult.IsPartialSignIn)
{
Logger.Info("issuing partial signin cookie");
}
else
{
Logger.Info("issuing primary signin cookie");
}
var props = new Microsoft.Owin.Security.AuthenticationProperties();
var id = authResult.User.Identities.First();
if (authResult.IsPartialSignIn)
{
// add claim so partial redirect can return here to continue login
// we need a random ID to resume, and this will be the query string
// to match a claim added. the claim added will be the original
// signIn ID.
var resumeId = CryptoRandom.CreateUniqueId();
var resumeLoginUrl = context.GetPartialLoginResumeUrl(resumeId);
var resumeLoginClaim = new Claim(Constants.ClaimTypes.PartialLoginReturnUrl, resumeLoginUrl);
id.AddClaim(resumeLoginClaim);
id.AddClaim(new Claim(GetClaimTypeForResumeId(resumeId), signInMessageId));
}
else
{
signInMessageCookie.Clear(signInMessageId);
sessionCookie.IssueSessionId(rememberMe);
}
if (!authResult.IsPartialSignIn)
{
// don't issue persistnt cookie if it's a partial signin
if (rememberMe == true ||
(rememberMe != false && this.options.AuthenticationOptions.CookieOptions.IsPersistent))
{
// only issue persistent cookie if user consents (rememberMe == true) or
// if server is configured to issue persistent cookies and user has not explicitly
// denied the rememberMe (false)
// if rememberMe is null, then user was not prompted for rememberMe
props.IsPersistent = true;
if (rememberMe == true)
{
var expires = DateTimeHelper.UtcNow.Add(options.AuthenticationOptions.CookieOptions.RememberMeDuration);
props.ExpiresUtc = new DateTimeOffset(expires);
}
}
}
context.Authentication.SignIn(props, id);
}
public static void ProcessRemovalOfSignOutMessageCookie(this IOwinContext context, MessageCookie <SignOutMessage> signOutMessageCookie)
{
if (context == null)
{
throw new ArgumentNullException("context");
}
if (signOutMessageCookie == null)
{
throw new ArgumentNullException("signOutMessageCookie");
}
if (context.Response.StatusCode == 200 && context.Environment.ContainsKey(SignOutMessageCookieIdtoRemove))
{
signOutMessageCookie.Clear((string)context.Environment[SignOutMessageCookieIdtoRemove]);
}
}
public async Task <IHttpActionResult> Logout(string id = null)
{
Logger.Info("Logout endpoint submitted");
if (id != null && id.Length > MaxSignInMessageLength)
{
Logger.Error("id param is longer than allowed length");
return(RenderErrorPage());
}
var user = (ClaimsPrincipal)User;
if (user != null && user.Identity.IsAuthenticated)
{
var sub = user.GetSubjectId();
Logger.InfoFormat("Logout requested for subject: {0}", sub);
}
Logger.Info("Clearing cookies");
sessionCookie.ClearSessionId();
signOutMessageCookie.Clear(id);
ClearAuthenticationCookies();
SignOutOfExternalIdP();
if (user != null && user.Identity.IsAuthenticated)
{
var message = signOutMessageCookie.Read(id);
var signOutContext = new SignOutContext
{
Subject = user
};
if (message != null)
{
signOutContext.ClientId = message.ClientId;
}
await this.userService.SignOutAsync(signOutContext);
await eventService.RaiseLogoutEventAsync(user, id, message);
}
return(await RenderLoggedOutPage(id));
}
private void ClearSignInCookie(string signin)
{
var cookie = new MessageCookie<SignInMessage>(Request.GetOwinContext(), this._options);
cookie.Clear(signin);
}
private void ClearSignInCookie(string signin)
{
var cookie = new MessageCookie <SignInMessage>(Request.GetOwinContext(), this._options);
cookie.Clear(signin);
}
public virtual Task DeleteAsync(string id)
{
Cookie.Clear(id);
return(Task.CompletedTask);
}
public Task DeleteAsync(string id)
{
_cookie.Clear(id);
return(Task.FromResult(0));
}
