IdentityServer3 注销不重定向到源
IdentityServer3 Logout not Redirecting to origin
我让 MVC 从身份服务器注销,但它不会自动重定向。我什至没有得到通常默认显示的"Click here to go back"。
这是我的设置。
在 idsvr 中:
Factory 是使用 EF 的 Aspnet 身份(主要是开箱即用的实现)
IdentityServerOptions {
AuthenticationOptions =
{
EnablePostSignOutAutoRedirect = true,
SignInMessageThreshold = 3,
EnableSignOutPrompt = false
}
}
在 MVC 中
app.UseOpenIdConnectAuthentication (new OpenIdConnectAuthenticationOptions
{
PostLogoutRedirectUri = "https://localhost:port",
RedirectUri = "https://localhost:port",
Notifications = new OpenIdConnectAuthenticationNotifications
{
SecurityTokenValidated = HereIGetRefreshTokenEtc(),
RedirectToIdentityProvider = n =>
{
if (n.ProtocolMessage.RequestType == OpenIdConnectRequestType.LogoutRequest)
{
var idTokenHint = n.OwinContext.Authentication.User.FindFirst("id_token");
if (idTokenHint != null)
{
n.ProtocolMessage.IdTokenHint = idTokenHint.Value;
}
}
return Task.FromResult(0);
}
}
});
Logout Controller 动作是这样的
public ActionResult Logout()
{
//Option 1 : because I have already provided redirect URI in initial configuration
Request.GetOwinContext().Authentication.SignOut();
//Option 2: Because option 1 did not work
Request.GetOwinContext().Authentication.SignOut(new AuthenticationProperties { RedirectUri = "https://mymvc.site" });
//none of the return statements work. (obviously i have tried them individually)
return RedirectToAction("Index", "Home", new{ area = ""});
return Redirect("https://idsvr/connect/endsession");
}
我错过了什么?
知道了!
我没有在客户端配置的 PostLogoutRedirectUris 中添加 link。它正在倒下说 "Invalid post logout URI"。
我让 MVC 从身份服务器注销,但它不会自动重定向。我什至没有得到通常默认显示的"Click here to go back"。
这是我的设置。
在 idsvr 中: Factory 是使用 EF 的 Aspnet 身份(主要是开箱即用的实现)
IdentityServerOptions {
AuthenticationOptions =
{
EnablePostSignOutAutoRedirect = true,
SignInMessageThreshold = 3,
EnableSignOutPrompt = false
}
}
在 MVC 中
app.UseOpenIdConnectAuthentication (new OpenIdConnectAuthenticationOptions
{
PostLogoutRedirectUri = "https://localhost:port",
RedirectUri = "https://localhost:port",
Notifications = new OpenIdConnectAuthenticationNotifications
{
SecurityTokenValidated = HereIGetRefreshTokenEtc(),
RedirectToIdentityProvider = n =>
{
if (n.ProtocolMessage.RequestType == OpenIdConnectRequestType.LogoutRequest)
{
var idTokenHint = n.OwinContext.Authentication.User.FindFirst("id_token");
if (idTokenHint != null)
{
n.ProtocolMessage.IdTokenHint = idTokenHint.Value;
}
}
return Task.FromResult(0);
}
}
});
Logout Controller 动作是这样的
public ActionResult Logout()
{
//Option 1 : because I have already provided redirect URI in initial configuration
Request.GetOwinContext().Authentication.SignOut();
//Option 2: Because option 1 did not work
Request.GetOwinContext().Authentication.SignOut(new AuthenticationProperties { RedirectUri = "https://mymvc.site" });
//none of the return statements work. (obviously i have tried them individually)
return RedirectToAction("Index", "Home", new{ area = ""});
return Redirect("https://idsvr/connect/endsession");
}
我错过了什么?
知道了! 我没有在客户端配置的 PostLogoutRedirectUris 中添加 link。它正在倒下说 "Invalid post logout URI"。