We are using combined Angular + .net5 version 10.1.
We are connecting to our client's OpenId Connect server for authentication. We recently added a routine for authorization to synchronize roles and organizations. We have now been asked to send a logout request to the auth server when the user logs out of our application. I assume this would entail sending a token to the logout endpoint. AspNetZero does not seem to have an external logout.
I added a parameter to the "OpenId" section of appSettings.json for "UserLogoutEndpoint": "https://..." I am, however, lost as to how to have the application send the request to that endpoint.
thanks for any help you can provide on sending a logout request to an OpenId Connect endpoint.
6 Answer(s)
-
0
You can make a request to end_session_endpoint. You can check identityserver endpoint at https://myidentityserver/.well-known/openid-configuration.
However trying to signing out all the clients (Single Sign Out) is a different story and you need to implement either front-channel or back-channel logout and i think that is not your case.
-
0
The goal is to just logout the user from the auth server that logged them in to the app.
I created the path to the .well-known/openid-configuration using the same method that the login request is handled.
ValidateToken doesn't seem like the right way to send the token. Is there some other method for making the request?public async void SendLogout(string token) { var issuer = ProviderInfo.AdditionalParams["LogoutUrl"]; var configurationManager = new ConfigurationManager<OpenIdConnectConfiguration>( issuer + "/.well-known/openid-configuration", new OpenIdConnectConfigurationRetriever(), new HttpDocumentRetriever()); var validatedTokenResult = await ValidateToken(token, issuer, configurationManager); }
-
0
Hi,
You can return the OpenID connect logout URL on https://github.com/aspnetzero/aspnet-zero-core/blob/dev/aspnet-core/src/MyCompanyName.AbpZeroTemplate.Web.Core/Controllers/TokenAuthController.cs#L274. Then, handle it on Angular side here https://github.com/aspnetzero/aspnet-zero-core/blob/dev/angular/src/app/shared/common/auth/app-auth.service.ts#L24 and redirect user to logout url retrieved from the server.
-
0
You can return the OpenID connect logout URL on TokenAuthController.cs I added a string output to the Logout to return the OpenId connect logoutUrl
public async Task<string> LogOut() I added a call to my previously posted function to get the LogoutUrl return _openIdConnectAuthProviderApi.SendLogout(); I added a string output to the SendLogout function from above to return the LogoutUrl public string SendLogout()Then, handle it on Angular side here in app-auth.service.ts I added a parameter to the XmlHttpRequestHelper.ajax call I added a redirect to the LogoutUrl
XmlHttpRequestHelper.ajax('GET',AppConsts.remoteServiceBaseUrl + '/api/TokenAuth/LogOut',customHeaders,null, *** (logoutUrl:string) *** => {abp.auth.clearToken();abp.auth.clearRefreshToken(); new LocalStorageService().removeItem(AppConsts.authorization.encrptedAuthTokenName); if (reload !== false) {if (returnUrl) {location.href = returnUrl;} else {location.href = '';}} *** location.href = logoutUrl;} ***
I still don't know how to send the request to the external server Logout Endpoint as I asked in both previous questions.
public string SendLogout() { var issuer = ProviderInfo.AdditionalParams["LogoutUrl"]; var configurationManager = new ConfigurationManager<OpenIdConnectConfiguration>( issuer + "/.well-known/openid-configuration", new OpenIdConnectConfigurationRetriever(), new HttpDocumentRetriever()); //var validatedTokenResult = await ValidateToken(token, issuer, configurationManager); ***return "THE URL FROM THE LOGOUT REQUEST GOES HERE BUT HOW DO I SEND THE REQUEST?"; *** }
thank you
-
0
or did you mean that the TokenAuthController should just send the LogoutUrl from the configuration file?
thanks
-
0
Hi @henryand,
or did you mean that the TokenAuthController should just send the LogoutUrl from the configuration file?
Yes, exactly.