我已经实现了反向通道注销,URL正在调用所有客户端,但不是所有客户端都退出
- 客户机—一种登录
- 客户b登录
- 从Client-A单击Logout按钮,重定向到身份服务器注销页面
- 为client-B调用反向通道注销URL
- 为client-A调用反向通道注销URL
- 检查身份服务器——>用户已注销
- 输入Client-A的URL,重定向到身份服务器登录
- 输入Client-B的URL,我可以查看(假设是重定向到身份服务器登录页面,因为已经注销)
注销代码
public async Task<IActionResult> Logout()
{
Console.WriteLine("** MVC2 logout " + DateTime.Now.ToString("MM/dd/yyyy hh:mm:ss.fff tt"));
var client = _httpClientFactory.CreateClient("IDPClient");
var discoveryDocumentResponse = await client.GetDiscoveryDocumentAsync();
if (discoveryDocumentResponse.IsError)
{
throw new Exception(discoveryDocumentResponse.Error);
}
await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
await HttpContext.SignOutAsync(OpenIdConnectDefaults.AuthenticationScheme);
return Redirect(discoveryDocumentResponse.EndSessionEndpoint);
}
BackChannel Logout code
[HttpPost]
[AllowAnonymous]
public async Task<IActionResult> BackChannelLogout(string token)
{
Console.WriteLine("*********************** MVC1 --> BackChannelLogout " + DateTime.Now.ToString("MM/dd/yyyy hh:mm:ss.fff tt"));
await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
await HttpContext.SignOutAsync(OpenIdConnectDefaults.AuthenticationScheme);
return NoContent();
}
您的客户端注销代码不应该返回任何东西,因为这会干扰SignOutAsync内部为您创建的响应。
注销示例如下:
/// <summary>
/// Do the logout
/// </summary>
/// <returns></returns>
[HttpPost]
[ValidateAntiForgeryToken]
public async Task Logout()
{
await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
await HttpContext.SignOutAsync(OpenIdConnectDefaults.AuthenticationScheme);
//Important, this method should never return anything.
}