时间戳

首页 > 解决方案 > PostLogoutRedirectUri 在带有 SPA 的身份服务器 4 中始终为空(Angular 7 OIDC 客户端)

asp.net - PostLogoutRedirectUri 在带有 SPA 的身份服务器 4 中始终为空(Angular 7 OIDC 客户端)

问题描述

在具有身份服务器的 Angular 应用程序中使用 facebook 登录身份验证 4。在注销方法PostLogoutRedirectUri ,ClientName,LogoutId始终为空。

private async Task<LoggedOutViewModel> BuildLoggedOutViewModelAsync(string logoutId)
    {
        // get context information (client name, post logout redirect URI and iframe for federated signout)
        var logout = await _interaction.GetLogoutContextAsync(logoutId);

        var vm = new LoggedOutViewModel
        {
            AutomaticRedirectAfterSignOut = AccountOptions.AutomaticRedirectAfterSignOut,
            PostLogoutRedirectUri = logout?.PostLogoutRedirectUri,
            ClientName = string.IsNullOrEmpty(logout?.ClientName) ? logout?.ClientId : logout?.ClientName,
            SignOutIframeUrl = logout?.SignOutIFrameUrl,
            LogoutId = logoutId
        };

        if (User?.Identity.IsAuthenticated == true)
        {
            var idp = User.FindFirst(JwtClaimTypes.IdentityProvider)?.Value;
            if (idp != null && idp != IdentityServer4.IdentityServerConstants.LocalIdentityProvider)
            {
                var providerSupportsSignout = await HttpContext.GetSchemeSupportsSignOutAsync(idp);
                if (providerSupportsSignout)
                {
                    if (vm.LogoutId == null)
                    {
                        // if there's no current logout context, we need to create one
                        // this captures necessary info from the current logged in user
                        // before we signout and redirect away to the external IdP for signout
                        vm.LogoutId = await _interaction.CreateLogoutContextAsync();
                    }

                    vm.ExternalAuthenticationScheme = idp;
                }
            }
        }

        return vm;
    }

Angular oidc 客户端代码

logout(): Promise<any> {
        return this._userManager.signoutRedirect();
    }

客户端设置

public IEnumerable<Client> GetClients()
        {
            var client = new List<Client>
            {
                new Client
                {
                     ClientId = ConstantValue.ClientId,
                    ClientName = ConstantValue.ClientName,
                    AllowedGrantTypes = GrantTypes.Implicit,
                    AllowAccessTokensViaBrowser = true,
                    RequireConsent = false,
                    RedirectUris =           { string.Format("{0}/{1}", Configuration["IdentityServerUrls:ClientUrl"], "assets/oidc-login-redirect.html"), string.Format("{0}/{1}", Configuration["IdentityServerUrls:ClientUrl"], "assets/silent-redirect.html") },
                    PostLogoutRedirectUris = { string.Format("{0}?{1}", Configuration["IdentityServerUrls:ClientUrl"] , "postLogout=true") },
                    AllowedCorsOrigins =     { Configuration["IdentityServerUrls: ClientUrl"] },

                    AllowedScopes =
                    {
                        IdentityServerConstants.StandardScopes.OpenId,
                        IdentityServerConstants.StandardScopes.Profile,
                        ConstantValue.ClientDashApi
                    },
                    IdentityTokenLifetime=120,
                    AccessTokenLifetime=120
                },
            };
            return client;
        }

已添加 ID

logoutId 始终为空。我能够成功登录到 facebook 返回回调方法。但重定向 uri 始终为空。

参考 IdentityServer4 PostLogoutRedirectUri null

标签: asp.netangularasp.net-coreidentityserver4openid-connect

解决方案

这可能不是您的问题,但是当我遇到与您相同的错误时,这是​​我的问题,因此我在这里发布自己的经验。

我正在关注一个 Pluralsight 视频,该视频正在使用 IdentityServer4 作为 STS 服务器构建一个 Angular 应用程序,它指示我在我正在构建的 AuthService 中的 UserManager 的配置中设置post_logout_redirect_uri 如下所示:

var config = {
        authority: 'http://localhost:4242/',
        client_id: 'spa-client',
        redirect_uri: `${Constants.clientRoot}assets/oidc-login-redirect.html`,
        scope: 'openid projects-api profile',
        response_type: 'id_token token',
        post_logout_redirect_uri: `${Constants.clientRoot}`,
        userStore: new WebStorageStateStore({ store: window.localStorage })
    }
    this._userManager = new UserManager(config);

github repo https://github.com/IdentityServer/IdentityServer4/issues/396上的一个老问题讨论了这样一个事实,即这是现在自动设置的,不需要显式设置(参见线程的结尾)。一旦我从配置中删除它,我就不再遇到 AccountController 的 Logout 方法中logoutId为空的问题:

/// <summary>
/// Show logout page
/// </summary>
[HttpGet]
public async Task<IActionResult> Logout(string logoutId)

所以这对我来说是正确的配置设置:

var config = {
        authority: 'http://localhost:4242/',
        client_id: 'spa-client',
        redirect_uri: `${Constants.clientRoot}assets/oidc-login-redirect.html`,
        scope: 'openid projects-api profile',
        response_type: 'id_token token',
        userStore: new WebStorageStateStore({ store: window.localStorage })
    }
    this._userManager = new UserManager(config);

推荐阅读