Comments (8)
Got it finally working.
On the client side, the only thing you have to do is to call the signoutRedirect() function (of oidc-client-js), which is already done in this template. This will call the End Session Endpoint (connect/endsession) of IdentityServer, which by default will redirect you to the Account/Logout route, but only if such a route exists (which is not the case in this template).
So you have to create a Logout() method in the AccountController.cs class, where you call the SignOutAsync() method, which will revoke the cookie, and then you can redirect back to the client.
    [HttpGet]
    public async Task<IActionResult> Logout(string logoutId)
    {
        // Clear the local authentication cookie.
        await _signInManager.SignOutAsync();
        // Send the browser back to the Angular client.
        return Redirect("http://localhost:4200");
    }
Instead of hardcoding the URL of the client, you can also use the PostLogoutRedirectUri that is passed by the client's call issued by signoutRedirect().
To access this parameter on the server, you can do the following:
    var context = await _interaction.GetLogoutContextAsync(logoutId);
    return Redirect(context.PostLogoutRedirectUri);

... where _interaction is an IIdentityServerInteractionService.
from angularaspnetcoreoauth.
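The two snippets from the comment above, combined into one controller action as an added example (not code from the thread or from the template). It assumes IdentityUser as the user type and falls back to the IdentityServer root when PostLogoutRedirectUri is empty, which happens when no valid post_logout_redirect_uri accompanied the end session request.

```csharp
using System.Threading.Tasks;
using IdentityServer4.Services;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;

// Added example. IdentityUser stands in for the template's user type (assumption).
public class AccountController : Controller
{
    private readonly SignInManager<IdentityUser> _signInManager;
    private readonly IIdentityServerInteractionService _interaction;

    public AccountController(
        SignInManager<IdentityUser> signInManager,
        IIdentityServerInteractionService interaction)
    {
        _signInManager = signInManager;
        _interaction = interaction;
    }

    // Reached through the redirect from connect/endsession, which supplies logoutId.
    [HttpGet]
    public async Task<IActionResult> Logout(string logoutId)
    {
        // Look up the sign-out request that IdentityServer stored under logoutId.
        var context = await _interaction.GetLogoutContextAsync(logoutId);

        // Clear the ASP.NET Core Identity authentication cookie.
        await _signInManager.SignOutAsync();

        // Only redirect to a URI that IdentityServer attached to the request.
        // Never read the target from the query string directly: that would
        // turn this action into an open redirect.
        if (string.IsNullOrEmpty(context?.PostLogoutRedirectUri))
        {
            return Redirect("~/"); // fallback chosen for this example
        }

        return Redirect(context.PostLogoutRedirectUri);
    }
}
```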
It works for me. One possible reason is that you might have clicked 'Remember me' when you first logged in. Another possible reason is that the authentication token is still in local storage. Try clearing the browser history and it might jump out of the trap.
from angularaspnetcoreoauth.
Doesn't work for me either. The signout() function doesn't delete the cookie. (I did not select 'Remember me' during the login)
from angularaspnetcoreoauth.
> Doesn't work for me either. The signup() function doesn't delete the cookie. (I did not select 'Remember me' during the login)

Do you mean 'Sign out' instead of 'Sign up'? If so, yes, there's a problem deleting the token cookie. It's probably some unknown bug in IdentityServer4, since there's only one redirect method called in Signout. I'm also trying to fix this problem.
from angularaspnetcoreoauth.
> > Doesn't work for me either. The signup() function doesn't delete the cookie. (I did not select 'Remember me' during the login)
>
> Do you mean 'Sign out' instead of 'Sign up'? If so, yes, there's a problem deleting the token cookie. It's probably some unknown bug in IdentityServer4, since there's only one redirect method called in Signout. I'm also trying to fix this problem.

Yes, I meant "Sign Out", thank you. It also seems to me that it's a bug in Identity Server. The signoutRedirect() in your code properly calls the End Session endpoint, with the id_token_hint and post_logout_redirect_uri parameters set (I checked that in Fiddler).
Did this also occur in earlier versions of Identity Server or do you know a version where it works?
Or maybe do you know of another way to solve this? (There has to be, as many pages use IdentityServer in production, and it's recommended by Microsoft...)
Btw: I opened the following issue on the IdentityServer hub:
IdentityServer/IdentityServer4#3593
from angularaspnetcoreoauth.
> Got it finally working.
> On the client side, the only thing you have to do is to call the signoutRedirect() function (of oidc-client-js), which is already done in this template. This will call the End Session Endpoint (connect/endsession) of IdentityServer, which by default will redirect you to the Account/Logout route, but only if such a route exists (which is not the case in this template).
> So you have to create a Logout() method in the AccountController.cs class, where you call the SignOutAsync() method, which will revoke the cookie, and then you can redirect back to the client.
>
>     [HttpGet]
>     public async Task<IActionResult> Logout(string logoutId)
>     {
>         await _signInManager.SignOutAsync();
>         return Redirect("http://localhost:4200");
>     }
>
> Instead of hardcoding the URL of the client, you can also use the PostLogoutRedirectUri that is passed by the client's call issued by signoutRedirect().
> To access this parameter on the server, you can do the following:
>
>     var context = await _interaction.GetLogoutContextAsync(logoutId);
>     return Redirect(context.PostLogoutRedirectUri);
>
> ... where _interaction is an IIdentityServerInteractionService.

This is not the correct solution. What's the meaning of using an MVC controller action in an Angular app? By doing this you can't log out when the Angular app runs outside the .NET scope using 'ng serve'; the controller will not listen to your logout call.
from angularaspnetcoreoauth.
I had a similar issue, and to fix this you don't need .NET Core assemblies (check my comment above). Here's the resolution: IdentityServer/IdentityServer4#3854
from angularaspnetcoreoauth.
All fixed as of 64452e0
Thanks so much, @nkaenzig and @itorian for the feedback!
from angularaspnetcoreoauth.