时间戳

首页 > 解决方案 > Authorization_Code SignOutAsyn() 不触发结束会话

identityserver4 - Authorization_Code SignOutAsyn() 不触发结束会话

问题描述

我有一个由 Identity Server 保护的门户,授权类型为

HttpContext.SignInAsync(ClaimsPrincipal)

工作正常并将用户重定向到门户,但是 

await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);

在未触发 endsession 端点以将用户重定向到身份服务器下的注销操作的情况下,该方法不起作用

public async Task Logout()
{            
            await HttpContext.SignOutAsync
                    (CookieAuthenticationDefaults.AuthenticationScheme);

}

startup.cs
ConfigureService(IServiceCollection services)
services.AddAuthentication()
            .AddCookie(cookieOptions =>
            {
                var tempProvider = services.BuildServiceProvider();
                cookieOptions.Cookie.Name = "PortalAuth";
                cookieOptions.Cookie.HttpOnly = true;

                cookieOptions.SessionStore = 
                 tempProvider.GetRequiredService<ITicketStore>();
                configureCookieOptions?.Invoke(cookieOptions);
            })
            .AddIdentityServerAuthentication(                    
               IdentityServerAuthenticationDefaults.AuthenticationScheme,
                idServOptions =>
                {
                    idServOptions.Authority = 
                       options.AuthorizationServiceUrl;
                    idServOptions.RequireHttpsMetadata = false;
                    idServOptions.ApiName = options.ApplicationName;
                    idServOptions.ApiSecret = options.ApplicationSecret;
                    idServOptions.EnableCaching = true;
                    idServOptions.CacheDuration = 
                           TimeSpan.FromMinutes(1);
                    idServOptions.SupportedTokens = 
                                SupportedTokens.Reference;
                   configureIdentityServerOptions?.Invoke(idServOptions);
                    idServOptions.Validate();
                });

var client = new Client{
...
 RedirectUris = { "http://localhost:12345" },
 PostLogoutRedirectUris = { "http://localhost:12345" },
}

我在设置中还缺少什么来触发结束会话端点。如果我需要手动调用 endsession 那么如何获取 id_token_hint 并且我正在使用 authentication_code 授权类型

var disco = await 
            DiscoveryClient.GetAsync(Constants.AuthorizationServiceUrl);
            var endSessionUrl = new 
             RequestUrl(disco.EndSessionEndpoint)
            .CreateEndSessionUrl(IdTokenHint:?,State:?);
            return Redirect(endSessionUrl);

标签: identityserver4

解决方案

推荐阅读