主要问题是我找不到从identityServer4注销的正确方法。
详细说明:
客户端Web应用程序startup.cs包含以下代码
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationScheme = "Cookies",
AutomaticAuthenticate = true
});
app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions
{
AuthenticationScheme = "oidc",
SignInScheme = "Cookies",
Authority = "http://localhost:1941/",//local identityServer4
ClientId = "testsoft",
ClientSecret = "secret",
ResponseType = "code id_token token",
GetClaimsFromUserInfoEndpoint = true,
RequireHttpsMetadata = false,
Scope = { "openid", "profile", "email" },
TokenValidationParameters = new TokenValidationParameters()
{
NameClaimType = "name",
RoleClaimType = "role"
},
AutomaticAuthenticate = false,
AutomaticChallenge = true
});
本地运行的IdentityServer4已添加客户端,如下所示
new Client
{
ClientId = "testsoft",
ClientName = "testsoft",
ClientSecrets = new List<Secret>
{
new Secret("secret".Sha256())
},
ClientUri = "http://localhost:55383/",//clientside web application url
AllowedGrantTypes = GrantTypes.Hybrid,
AllowAccessTokensViaBrowser = true,
RedirectUris = new List<string>
{
"http://localhost:55383/signin-oidc"
},
RequireConsent = false,
AllowedScopes = new List<string>
{
StandardScopes.OpenId.Name,
StandardScopes.Profile.Name,
StandardScopes.Email.Name,
StandardScopes.Roles.Name,
StandardScopes.OfflineAccess.Name,
"api1", "api2",
},
},
我能够像这样
登录并在MVC中的Controller-View上显示声明 [Authorize]
public IActionResult About()
{
return View((User as ClaimsPrincipal).Claims);
}
显示的视图是这样的。请注意,没有id_token
我能够使用cookie注销,如下所示
public async Task<IActionResult> LogOut()
{
await HttpContext.Authentication.SignOutAsync("Cookies");
return Redirect("~/");
}
但问题是我找不到从IdentityServer注销的方法。我越来越接近使用
/connect/endsession?id_token_hint=...&post_logout_redirect_uri=https://myapp.com
但是我找不到在代码中获取原始id_token的方法。在上面给出的About()方法中,我只得到声明(我认为是id_token的解密内容),并且在那些声明列表中没有可见的id_token。但不知何故设法从这个url http://localhost:55383/signin-oidc的fiddler获取id_token,然后在identityServer上注销(在上面给出的url的帮助下)。
我有以下问题:
答案 0 :(得分:2)
要退出,您是否尝试过 -
HttpContext.Authentication.SignOutAsync("oidc");
在客户的退出操作中?