private async Task <LogoutViewModel> BuildLogoutViewModelAsync(string logoutId)
{
var vm = new LogoutViewModel {
LogoutId = logoutId, ShowLogoutPrompt = AccountOptions.ShowLogoutPrompt
};
if (User?.Identity.IsAuthenticated != true)
{
vm.ShowLogoutPrompt = false;
return(vm);
}
var context = await _interaction.GetLogoutContextAsync(logoutId);
if (context?.ShowSignoutPrompt == false)
{
vm.ShowLogoutPrompt = false;
return(vm);
}
return(vm);
}
/// <summary>
/// Find out which realms the user is signed in - sign them out from all of them, and return to @replyTo
/// </summary>
/// <param name="replyTo">Redirect to this address after signout is done</param>
/// <param name="relyingPartyUrl"></param>
/// <returns>A bit of html, which renders images with signout urls for all domains.</returns>
private ActionResult SignOut(string replyTo, string relyingPartyUrl)
{
// First, remove the session authentication cookie for the STS
FederatedAuthentication.SessionAuthenticationModule.SignOut();
var ci = (ClaimsIdentity)HttpContext.Current.User.Identity;
// Get all urls where the user has signed in previously, and make them into a list of strings with the format "{url}?wa=wsignoutcleanup1.0"
var logoutUrls = ci.FindAll(i => i.Type == ClaimTypes.Uri).Select(i => string.Format("{0}?wa={1}", i.Value, SignOutCleanupLiteral)).ToList();
// Construct a viewmodel from the logout urls and replyto address
var model = new LogoutViewModel { LogoutUrls = logoutUrls, ReplyTo = replyTo };
// Add relying party url if it isn't in there, because in some cases, a client might call signout even though the local STS cookie has expired
var relyingPartyUrlCleanup = string.Format("{0}?wa={1}", relyingPartyUrl, SignOutCleanupLiteral);
if (!logoutUrls.Contains(relyingPartyUrlCleanup)) logoutUrls.Add(relyingPartyUrlCleanup);
// Build a viewresult object and return that
var viewResult = new ViewResult
{
ViewName = "~/Views/Shared/Logout.cshtml",
ViewData = new ViewDataDictionary(model)
};
return viewResult;
}
