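IDSRV4 logout - getting the ClientId dynamically

Time: 2017-10-04 14:27:04

Tags: identityserver4 oidc

There are many examples of how to clear persisted grants during logout with IdentityServer4, but they all show the ClientId being set statically. Does anyone know how to get the ClientId dynamically, since I plan to use this IdentityServer with several different clients? Below is the code you typically find (found here); please see the second-to-last line: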

[HttpPost]
[ValidateAntiForgeryToken]
[AllowAnonymous]
public async Task<IActionResult> Logout(LogoutViewModel model)
{
    var idp = User?.FindFirst(JwtClaimTypes.IdentityProvider)?.Value;
    var subjectId = HttpContext.User.Identity.GetSubjectId();

    if (idp != null && idp != IdentityServerConstants.LocalIdentityProvider)
    {
        if (model.LogoutId == null)
        {
            // if there's no current logout context, we need to create one
            // this captures necessary info from the current logged in user
            // before we signout and redirect away to the external IdP for signout
            model.LogoutId = await _interaction.CreateLogoutContextAsync();
        }

        string url = "/Account/Logout?logoutId=" + model.LogoutId;
        try
        {
            // hack: try/catch to handle social providers that throw
            await HttpContext.Authentication.SignOutAsync(idp, new AuthenticationProperties { RedirectUri = url });
        }
        catch (NotSupportedException)
        {
        }
    }

    // delete authentication cookie
    await _signInManager.SignOutAsync();

    // set this so UI rendering sees an anonymous user
    HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity());

    // get context information (client name, post logout redirect URI and iframe for federated signout)
    var logout = await _interaction.GetLogoutContextAsync(model.LogoutId);

    var vm = new LoggedOutViewModel
    {
        PostLogoutRedirectUri = logout?.PostLogoutRedirectUri,
        ClientName = logout?.ClientId,
        SignOutIframeUrl = logout?.SignOutIFrameUrl
    };

    await _persistedGrantService.RemoveAllGrantsAsync(subjectId, "angular2client");

    return Redirect(Config.HOST_URL + "/index.html");
}

1 answer:

Answer 0: (score: 1)

This is what I ended up using:

    /// <summary>
    /// Handle logout page postback
    /// </summary>
    [HttpPost]
    [ValidateAntiForgeryToken]
    public async Task<IActionResult> Logout(LogoutInputModel model)
    {
        var vm = await _account.BuildLoggedOutViewModelAsync(model.LogoutId);

        if (vm.TriggerExternalSignout)
        {
            string url = Url.Action("Logout", new { logoutId = vm.LogoutId });
            try
            {
                // hack: try/catch to handle social providers that throw
                await HttpContext.Authentication.SignOutAsync(vm.ExternalAuthenticationScheme,
                    new AuthenticationProperties { RedirectUri = url });
            }
            catch (NotSupportedException) // this is for the external providers that don't have signout
            {
            }
            catch (InvalidOperationException) // this is for Windows/Negotiate
            {
            }
        }

        // delete local authentication cookie
        await HttpContext.Authentication.SignOutAsync();

        var user = await HttpContext.GetIdentityServerUserAsync();
        if (user != null)
        {
            await _persistedGrantService.RemoveAllGrantsAsync(user.GetSubjectId(), vm.ClientName);
            await _events.RaiseAsync(new UserLogoutSuccessEvent(user.GetSubjectId(), user.GetName()));                
        }

        return View("LoggedOut", vm);
    }
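
Added example, not part of the original question or answer and not IdentityServer4's own code: a helper that reads the client id from the logout context (`logout?.ClientId`, as the question's code already does for its view model) and passes it to `RemoveAllGrantsAsync` in place of a hard-coded string. The class name `LogoutGrantRevoker`, its `RevokeAsync` method, and the fallback of revoking grants for every client when the logout context names none are assumptions made for illustration; it also assumes the two-argument `RemoveAllGrantsAsync(subjectId, clientId)` shown on this page.

```csharp
using System.Linq;
using System.Threading.Tasks;
using IdentityServer4.Services;

// Hypothetical helper (illustration only, not part of IdentityServer4 or its quickstart).
public class LogoutGrantRevoker
{
    private readonly IIdentityServerInteractionService _interaction;
    private readonly IPersistedGrantService _persistedGrantService;

    public LogoutGrantRevoker(
        IIdentityServerInteractionService interaction,
        IPersistedGrantService persistedGrantService)
    {
        _interaction = interaction;
        _persistedGrantService = persistedGrantService;
    }

    // subjectId must be captured BEFORE the local cookie is signed out,
    // otherwise the current user is already anonymous.
    // Returns the number of clients whose grants were removed.
    public async Task<int> RevokeAsync(string subjectId, string logoutId)
    {
        if (string.IsNullOrEmpty(subjectId)) return 0;

        // The logout context carries the client that initiated the sign-out.
        var logout = await _interaction.GetLogoutContextAsync(logoutId);
        var clientId = logout?.ClientId;

        if (!string.IsNullOrEmpty(clientId))
        {
            await _persistedGrantService.RemoveAllGrantsAsync(subjectId, clientId);
            return 1;
        }

        // Assumed policy: when no client is identified (for example the logout
        // page was opened directly), revoke the user's grants for every client
        // instead of silently leaving them in the store.
        var grants = await _persistedGrantService.GetAllGrantsAsync(subjectId);
        var clientIds = grants.Select(g => g.ClientId).Distinct().ToList();
        foreach (var id in clientIds)
        {
            await _persistedGrantService.RemoveAllGrantsAsync(subjectId, id);
        }
        return clientIds.Count;
    }
}
```

Passing a display name instead of the client id to `RemoveAllGrantsAsync` matches no stored grant and leaves refresh tokens and consents valid after logout, so the value should come from `ClientId` itself.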