
How to logout from IdentityServer4-client from External IdentityServer4 using FrontChannelLogout

I have an IdentityServer4 identity-server-client as a client for an external IdentityServer4 identity-server-master. I have some issues with logging out from identity-server-client when signing out at identity-server-master. I have specified SignedOutCallbackPath and RemoteSignOutPath in AddOpenIdConnect for identity-server-master in identity-server-client. I have also specified FrontChannelLogoutUri and PostLogoutRedirectUri for the client.

I have followed this sample from Identity Server 4.

Configuration in the identity-server-client

    .AddOpenIdConnect("demoidsrv", "IdentityServer", options =>
    {
        options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
        options.SignOutScheme = IdentityServerConstants.SignoutScheme;

        options.Authority = "https://demo.identityserver.io/";
        options.ClientId = "implicit";
        options.ResponseType = "id_token";
        options.SaveTokens = true;
        options.CallbackPath = "/signin-idsrv";
        options.SignedOutCallbackPath = "/signout-callback-idsrv";
        options.RemoteSignOutPath = "/signout-idsrv";

        options.TokenValidationParameters = new TokenValidationParameters
        {
            NameClaimType = "name",
            RoleClaimType = "role"
        };
    })

...And the configuration in identity-server-master from their demo instance

    new Client
    {
        ClientId = "implicit",
        ClientName = "Implicit Client",
        AllowAccessTokensViaBrowser = true,

        RedirectUris = { "https://notused" },
        PostLogoutRedirectUris = { "https://notused" },
        FrontChannelLogoutUri = "http://localhost:5000/signout-idsrv", // for testing identityserver on localhost

        AllowedGrantTypes = GrantTypes.Implicit,
        AllowedScopes = { "openid", "profile", "email", "api" },
    },

The problem is that when it tries to make a front channel sign out, it cannot find the path. I'm clueless...

Solved this by adding an endpoint for front-channel-logout that basically kills the ongoing session. I do not know if this is the best solution as I understand that front-channel-logout can be used with an iframe on the logged-out page in IdentityServer4.
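
A sketch of the kind of endpoint the answer describes, added here as an example and not the poster's own code. The route `/front-channel-logout`, the controller name, the use of IdentityServer's default cookie scheme for the local session, and the upstream `sid` having been copied into the local principal at external login are all assumptions.

```csharp
using System;
using System.Threading.Tasks;
using IdentityModel;
using IdentityServer4;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

[AllowAnonymous]
public class FrontChannelLogoutController : Controller
{
    // Assumption: upstream issuer, taken from options.Authority in the question.
    private const string UpstreamIssuer = "https://demo.identityserver.io";

    // Hypothetical route; it must match the FrontChannelLogoutUri registered upstream.
    [HttpGet("/front-channel-logout")]
    public async Task<IActionResult> Logout(string sid, string iss)
    {
        // The response is rendered in a hidden iframe and must never be cached.
        Response.Headers["Cache-Control"] = "no-cache, no-store";
        Response.Headers["Pragma"] = "no-cache";

        // Assumption: the local session lives in IdentityServer's default cookie.
        var scheme = IdentityServerConstants.DefaultCookieAuthenticationScheme;
        var session = await HttpContext.AuthenticateAsync(scheme);
        if (!session.Succeeded)
            return Ok(); // no local session, nothing to end

        // Assumption: the upstream "sid" was copied into the local principal at
        // external login. Without a match on sid and iss, any page could force
        // a logout simply by embedding this URL.
        var localSid = session.Principal.FindFirst(JwtClaimTypes.SessionId)?.Value;
        var issuerOk = string.Equals(iss?.TrimEnd('/'), UpstreamIssuer, StringComparison.Ordinal);
        var sidOk = !string.IsNullOrEmpty(sid)
                    && string.Equals(sid, localSid, StringComparison.Ordinal);
        if (!issuerOk || !sidOk)
            return BadRequest();

        // End the local session and clear any leftover external-login cookie.
        await HttpContext.SignOutAsync(scheme);
        await HttpContext.SignOutAsync(IdentityServerConstants.ExternalCookieAuthenticationScheme);
        return Ok();
    }
}
```

Because the request arrives inside an iframe on the upstream logged-out page, the session cookie is only sent if its SameSite setting allows cross-site requests.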
