我有一个类似于https://github.com/IdentityServer/IdentityServer4/issues/3153的问题。
我使用了Asp Net Identity和EF Core组合示例,一切都工作正常,包括数据库、种子数据和api调用,但当我尝试从IS页面注销时,它无法删除.AspNetCore.Cookies
,这个cookie是保持用户在客户端登录的。
[HttpPost]
[ValidateAntiForgeryToken]
public async Task<IActionResult> Logout(LogoutInputModel model)
{
// build a model so the logged out page knows what to display
var vm = await BuildLoggedOutViewModelAsync(model.LogoutId);
if (User?.Identity.IsAuthenticated == true)
{
_log.LogCustomInfo(LoggingType.Information, "<AUDIT>" + "Logout: User Is Authenticated" + "</AUDIT>");
try
{
await _signInManager.SignOutAsync();
await HttpContext.SignOutAsync(IdentityConstants.ApplicationScheme);
await HttpContext.SignOutAsync(IdentityConstants.ExternalScheme);
// raise the logout event
await _events.RaiseAsync(new UserLogoutSuccessEvent(User.GetSubjectId(), User.GetDisplayName()));
}
catch (NotSupportedException)
{
_log.LogCustomInfo(LoggingType.Information, "<AUDIT>" + "Logout: SignOutAsync Not Supported" + "</AUDIT>");
}
}
/* https://github.com/IdentityServer/IdentityServer4/issues/855 */
// check if we need to trigger sign-out at an upstream identity provider
// delete local authentication cookie
Response.Cookies.Delete(".AspNetCore.Identity.Application");
Response.Cookies.Delete("idserv.external");
Response.Cookies.Delete("idserv.session");
_log.LogCustomInfo(LoggingType.Information, "<AUDIT>" + "Logout: Trigger external signout " + vm.TriggerExternalSignout + "</AUDIT>");
if (vm.TriggerExternalSignout)
{
// build a return URL so the upstream provider will redirect back
// to us after the user has logged out. this allows us to then
// complete our single sign-out processing.
string url = Url.Action("Logout", new { logoutId = vm.LogoutId });
//url = _configuration["AppSettings:PostLogoutRedirectUri"];
url = vm.PostLogoutRedirectUri;
//url = "redirect.html";
// this triggers a redirect to the external provider for sign-out
_log.LogCustomInfo(LoggingType.Information, "<AUDIT>" + "Logout: Redirect to " + url + "</AUDIT>");
return SignOut(new AuthenticationProperties { RedirectUri = url }, vm.ExternalAuthenticationScheme);
}
return View("LoggedOut", vm);
}
我在使用Angular客户端和MVC应用程序时遇到了相同的问题。
如果我手动删除.AspNetCore.Identity.Application
,客户端将注销。我正在使用keycloak
进行身份验证并且使用
options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
options.SignOutScheme = IdentityServerConstants.SignoutScheme;
在启动时的 IS 配置选项中。