Asp.net mvc 4: Logout IdentityServer4 using the IdentityServer3 library in an MVC client
I have an IdentityServer4 authentication server. I also have an ASP.NET MVC (.NET Framework 4.6) web client. I am trying to sign the user out using
Request.GetOwinContext().Authentication.SignOut();
It then redirects to the authentication server's Account/Logout view:
You are now logged out. Click here to return to the client application
After clicking the logout redirect, I am redirected to my page, where I can click login again. After clicking "Login", I am logged in automatically. It seems the sign-out is not working. What am I missing? Thanks, everyone.
Update:
The Identity Server 4 logs are as follows
[02:41:07 Debug] IdentityServer4.Services.DefaultClaimsService Getting claims for access token for client: dpcdwebclient
[02:41:07 Debug] IdentityServer4.Services.DefaultClaimsService Getting claims for access token for client: dpcdwebclient
[02:41:07 Debug] IdentityServer4.Endpoints.TokenEndpoint Token request success.
[02:41:07 Debug] IdentityServer4.Endpoints.TokenEndpoint Token request success.
[02:41:10 Information] Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler AuthenticationScheme: Identity.Application was successfully authenticated.
[02:41:10 Information] Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler AuthenticationScheme: Identity.Application was successfully authenticated.
[02:41:10 Information] Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler AuthenticationScheme: Identity.Application was successfully authenticated.
[02:41:10 Information] Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler AuthenticationScheme: Identity.Application was successfully authenticated.
[02:41:10 Debug] IdentityServer4.Hosting.EndpointRouter Request path /connect/endsession matched to endpoint type Endsession
[02:41:10 Debug] IdentityServer4.Hosting.EndpointRouter Request path /connect/endsession matched to endpoint type Endsession
[02:41:10 Debug] IdentityServer4.Hosting.EndpointRouter Endpoint enabled: Endsession, successfully created handler: IdentityServer4.Endpoints.EndSessionEndpoint
[02:41:10 Debug] IdentityServer4.Hosting.EndpointRouter Endpoint enabled: Endsession, successfully created handler: IdentityServer4.Endpoints.EndSessionEndpoint
[02:41:10 Information] IdentityServer4.Hosting.IdentityServerMiddleware Invoking IdentityServer endpoint: IdentityServer4.Endpoints.EndSessionEndpoint for /connect/endsession
[02:41:10 Information] IdentityServer4.Hosting.IdentityServerMiddleware Invoking IdentityServer endpoint: IdentityServer4.Endpoints.EndSessionEndpoint for /connect/endsession
[02:41:10 Debug] IdentityServer4.Endpoints.EndSessionEndpoint Processing signout request for cc5a2d8c-77d9-477d-8eed-48b8cb7cc8df
[02:41:10 Debug] IdentityServer4.Endpoints.EndSessionEndpoint Processing signout request for cc5a2d8c-77d9-477d-8eed-48b8cb7cc8df
[02:41:10 Debug] IdentityServer4.Validation.EndSessionRequestValidator Start end session request validation
[02:41:10 Debug] IdentityServer4.Validation.EndSessionRequestValidator Start end session request validation
[02:41:10 Debug] IdentityServer4.Validation.TokenValidator Start identity token validation
[02:41:10 Debug] IdentityServer4.Validation.TokenValidator Start identity token validation
[02:41:10 Debug] IdentityServer4.EntityFramework.Stores.ClientStore dpcdwebclient found in database: True
[02:41:10 Debug] IdentityServer4.EntityFramework.Stores.ClientStore dpcdwebclient found in database: True
[02:41:10 Debug] IdentityServer4.Validation.TokenValidator Client found: dpcdwebclient / DPCD Web Client
[02:41:10 Debug] IdentityServer4.Validation.TokenValidator Client found: dpcdwebclient / DPCD Web Client
[02:41:10 Debug] IdentityServer4.Validation.TokenValidator Calling into custom token validator: IdentityServer4.Validation.DefaultCustomTokenValidator
[02:41:10 Debug] IdentityServer4.Validation.TokenValidator Calling into custom token validator: IdentityServer4.Validation.DefaultCustomTokenValidator
[02:41:10 Debug] IdentityServer4.Validation.TokenValidator Token validation success {"ClientId": "dpcdwebclient", "ClientName": "DPCD Web Client", "ValidateLifetime": false, "Claims": {
"nbf": 1516560060,
"exp": 1516560360,
"iss": "",
"aud": "dpcdwebclient",
"nonce": "63652156858596713051.ZGU2MM3YZMTMJI5YI00YMFLLTHMZUTBJM2NWIWZJJZTHMMNKN2ETNMFLYS00NJZIZIZIZIZYWMTNJ3YJEZYM4YZY5",
"iat": 1516560060,
"c_hash": "OOI3bdt6NUGB4bptfc9w_A",
"sid": "5caef14630a16f452d9b0bfe03906fe5",
"sub": "cc5a2d8c-77d9-477d-8eed-48b8cb7cc8df",
"auth_time": 1516559499,
"idp": "local",
"amr": "pwd"}
[02:41:10 Debug] IdentityServer4.Validation.TokenValidator Token validation success {"ClientId": "dpcdwebclient", "ClientName": "DPCD Web Client", "ValidateLifetime": false, "Claims": {
"nbf": 1516560060,
"exp": 1516560360,
"iss": "",
"aud": "dpcdwebclient",
"nonce": "63652156858596713051.ZGU2MM3YZMTMJI5YI00YMFLLTHMZUTBJM2NWIWZJJZTHMMNKN2ETNMFLYS00NJZIZIZIZIZYWMTNJ3YJEZYM4YZY5",
"iat": 1516560060,
"c_hash": "OOI3bdt6NUGB4bptfc9w_A",
"sid": "5caef14630a16f452d9b0bfe03906fe5",
"sub": "cc5a2d8c-77d9-477d-8eed-48b8cb7cc8df",
"auth_time": 1516559499,
"idp": "local",
"amr": "pwd"}
[02:41:10 Information] IdentityServer4.Validation.EndSessionRequestValidator End session request validation success {"ClientId": "dpcdwebclient", "ClientName": "DPCD Web Client"

[HttpGet]
public ActionResult SignOut()
{
    Request.GetOwinContext().Authentication.SignOut();
    return Redirect("/");
}

//signout-oidc redirect
[AllowAnonymous]
public ActionResult LogoutCallback()
{
    Request.GetOwinContext().Authentication.SignOut("Cookies");
    return RedirectToAction("Index", "Home");
}

[HttpPost]
[ValidateAntiForgeryToken]
public async Task<IActionResult> Logout(LogoutInputModel model)
{
    // build a model so the logged out page knows what to display
    var vm = await _account.BuildLoggedOutViewModelAsync(model.LogoutId);
    var user = HttpContext.User;
    if (user?.Identity.IsAuthenticated == true)
    {
        // delete local authentication cookie
        await HttpContext.SignOutAsync();
        // raise the logout event
        await _events.RaiseAsync(new UserLogoutSuccessEvent(user.GetSubjectId(), user.GetDisplayName()));
    }
    // check if we need to trigger sign-out at an upstream identity provider
    if (vm.TriggerExternalSignout)
    {
        // build a return URL so the upstream provider will redirect back
        // to us after the user has logged out. this allows us to then
        // complete our single sign-out processing.
        string url = Url.Action("Logout", new { logoutId = vm.LogoutId });
        // this triggers a redirect to the external provider for sign-out
        return SignOut(new AuthenticationProperties { RedirectUri = url }, vm.ExternalAuthenticationScheme);
    }
    return View("LoggedOut", vm);
}

new Client
{
    ClientId = "dpcdwebclient",
    ClientName = "DPCD Web Client",
    AllowedGrantTypes = GrantTypes.HybridAndClientCredentials,
    Enabled = true,
    RequireConsent = false,
    ClientSecrets =
    {
        new Secret("secret".Sha256())
    },
    RedirectUris = { "http://localhost:9002/signin-oidc" },
    PostLogoutRedirectUris = { "http://localhost:9002/signout-callback-oidc" },
    AlwaysIncludeUserClaimsInIdToken = true,
    AllowedScopes =
    {
        IdentityServerConstants.StandardScopes.OpenId,
        IdentityServerConstants.StandardScopes.Profile,
        IdentityServerConstants.StandardScopes.OfflineAccess,
        "myapi"
    },
    AllowOfflineAccess = true
},

RedirectToIdentityProvider = n =>
{
    // if signing out, add the id_token_hint
    if (n.ProtocolMessage.RequestType == OpenIdConnectRequestType.LogoutRequest)
    {
        var idTokenHint = n.OwinContext.Authentication.User.FindFirst("id_token");
        if (idTokenHint != null)
        {
            n.ProtocolMessage.IdTokenHint = idTokenHint.Value;
        }
    }
    return Task.FromResult(0);
},

public ActionResult Logout()
{
    Request.GetOwinContext().Authentication.SignOut();
    return Redirect("/");
}

public void SignoutCleanup(string sid)
{
    var cp = (ClaimsPrincipal)User;
    var sidClaim = cp.FindFirst("sid");
    // only clear the local cookie when the sid passed in matches
    // the sid claim of the current user
    if (sidClaim != null && sidClaim.Value == sid)
    {
        Request.GetOwinContext().Authentication.SignOut("Cookies");
    }
}