我想把一个url参数传递给我的idp的endsession端点。
这就是我试图做到的:
在我的客户端应用程序的注销操作中,我有:
var authprops = new AuthenticationProperties { RedirectUri = postSignoutReturnUrl };
authprops.Dictionary["custom"] = "custom";
HttpContext.GetOwinContext().Authentication.SignOut( authprops,
OpenIdConnectAuthenticationDefaults.AuthenticationType,
CookieAuthenticationDefaults.AuthenticationType);
在我的openid连接中间件中,我有:
new OpenIdConnectAuthenticationNotifications
{
RedirectToIdentityProvider = n =>
{
....
if (n.ProtocolMessage.RequestType == OpenIdConnectRequestType.Logout)
{
//the state is null during signout !!!
if (n.ProtocolMessage.State != null)
{
var protectedState = n.ProtocolMessage.State.Split('=')[1];
var state = n.Options.StateDataFormat.Unprotect(protectedState);
if (state.Dictionary.TryGetValue("custom", out string customParam))
n.ProtocolMessage.SetParameter("custom", customParam);
}
}
return Task.CompletedTask;
},
关于如何以正确的方式做到这一点,有什么建议吗?
调用owinContext.Signout(authenticationProperties, ...)后,authenticationProperties可以通过owinContext.Authentication.AuthenticationResponseRevoke.Properties访问。
类似地,您可以访问以下项的authenticationProperties:
owinContext.SignIn(authenticationProperties, ...)➡owinContext.Authentication.AuthenticationResponseGrant.PropertiesowinContext.Challenge(authenticationProperties, ...)➡owinContext.Authentication.AuthenticationResponseChallenge.Properties
IOwinContext可以在RedirectToIdentityProviderNotification.OwinContext中找到(它是Microsoft.Owin.Security.Provider.BaseContext的一部分。