I have an IdentityServer4 identity-server-client as a client for an external IdentityServer4 identity-server-master I have some issues with logging out from identity-server-client when signing out at identity-server-master . I have specified SignedOutCallBackPath and RemoteSignedOutPath in AddOpenIdConnect for identity-server-master in identity-server-client . I have also specified FrontChannelLogoutUri and PostLogoutRedirectUri for the client.
I have followed this sample from Identity Server 4 .
Configuration in the identity-server-client
.AddOpenIdConnect("demoidsrv", "IdentityServer", options =>
{
options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
options.SignOutScheme = IdentityServerConstants.SignoutScheme;
options.Authority = "https://demo.identityserver.io/";
options.ClientId = "implicit";
options.ResponseType = "id_token";
options.SaveTokens = true;
options.CallbackPath = "/signin-idsrv";
options.SignedOutCallbackPath = "/signout-callback-idsrv";
options.RemoteSignOutPath = "/signout-idsrv";
options.TokenValidationParameters = new TokenValidationParameters
{
NameClaimType = "name",
RoleClaimType = "role"
};
})
...And the configuration in identity-server-master from their demo instance
new Client
{
ClientId = "implicit",
ClientName = "Implicit Client",
AllowAccessTokensViaBrowser = true,
RedirectUris = { "https://notused" },
PostLogoutRedirectUris = { "https://notused" },
FrontChannelLogoutUri = "http://localhost:5000/signout-idsrv", // for testing identityserver on localhost
AllowedGrantTypes = GrantTypes.Implicit,
AllowedScopes = { "openid", "profile", "email", "api" },
},
The problem is that when it tries to make an front channel sign out, it cannot find the path. I'm clueless...
Solved this by adding an endpoint for front-channel-logout that basically kills the ongoing session. I do not know if this is the best solution as I understand that front-channel-logout can be used with an iframe on the logged-out page in IdentityServer4.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.