在ASP.NET Core 2中注销IdentityServer 4

时间:2018-05-16 10:32:52

标签: redirect logout identityserver4

我在ASP.NET CORE 2.0 Web应用程序中使用Identity Server 4进行身份验证。我无法退出用户。

我点击了一个链接,我在Javascript中调用了以下代码

var mgr = new Oidc.UserManager(config);
mgr.signoutRedirect();

上面的代码尝试重定向到Identity Server Web应用程序中AccountController的Logout操作(HttpPost),但是,我得到HTTP 404。我正在点击的网址如下:

  

https://www.demo.com/PIdentity/account/logout?logoutId=CfDJ8Gm9-HlsFDlKoXXEkMIomhRIbKpHhsku9jDUSDrdIYKFhqj-WnfV8T3-KCsZG9D0I_d_u9X0i8x1uFxrjZfOIcjL--W5uSd4VHY2qF7n8iWTmrn_i-mHQWOJlAJ8cZFcia6egupkqNv5-YqKyq1A_Rb2GTt3yeiTMX58UHyz96-FtcOPN6h07fA78W-Z_uRZefuvb2ocnWT9UHQsqS7T-IAyurOnnjLq97CbjGoDiCy99bnBlHm-1jPPc4F5NkQD8Q8NcIVQc2vg1M5VcxX4Ms7TCem-b3nAVlW8PWJq4aLdgvnatLBAoTzWjPdO6sD_wNarpUqxAX7ZqXHDECuP49g01BenW1zdsi75QLs3qihG

动作方法也不会受到Fiddler的打击。

我的AccountController有一个Logout操作,如下所示:

[HttpPost]
[ValidateAntiForgeryToken]
public async Task<IActionResult> Logout()
{
  await _signInManager.SignOutAsync().ConfigureAwait(false);
  _logger.LogInformation("User logged out.");
  return RedirectToAction(nameof(HomeController.Index), "Home");
}

有人可以指导我。

以下是我在JS中的代码

var config = {
//authority: "https://localhost:44326/",
authority: "https://www.demo.com/DemoIdentity/",
client_id: "sett.web.js",
redirect_uri: window.location.origin + "/callback.html",
post_logout_redirect_uri: window.location.origin + "/DemoWeb/Dashboard",

// these two will be done dynamically from the buttons clicked, but are
// needed if you want to use the silent_renew
response_type: "id_token token",
scope: "openid profile api1",

// this will toggle if profile endpoint is used
loadUserInfo: true,

// silent renew will get a new access_token via an iframe 
// just prior to the old access_token expiring (60 seconds prior)
silent_redirect_uri: window.location.origin + "/DemoWeb/silent.html",
automaticSilentRenew: true,

// will revoke (reference) access tokens at logout time
revokeAccessTokenOnSignout: true,

filterProtocolClaims: false
};

var mgr = new Oidc.UserManager(config);
var access_token = ""
Oidc.Log.logger = window.console

点击我在帖子顶部给出的注销按钮的代码。

0 个答案:

没有答案