Open Closed

OpenId Logout occurs but logout message page does not redirect #7296


User avatar
0
Chris.Didonna created
  • ABP Framework version: v5.3.0
  • UI Type: Angular
  • Database System: EF Core (PostgreSQL.)
  • Tiered (for MVC) or Auth Server Separated (for Angular): no

We are using Azure B2C as our OpenId provider. Login and logout work fine, but the logout message page does not redirect.

  • Steps to reproduce the issue:
  1. Set all redirect URIS in IdentityServerClientRedirectURIs and IdentityServerClientPostLogoutRedirectUris and IdentityServer Clients to the root address for the site
  2. Set Require Front Channel and Require Back Channel Logout Sessions to false
  3. Add the address to HttpApi.Host > AppSettings.json > App > RedirectAllowedUrls.
  4. Logout page loads but does not redirect. It produces this URL:
https://test-catalogue.ewater.org.au:8443/Account/LoggedOut?ClientName=Repros_App&SignOutIframeUrl=https%3A%2F%2Ftest-catalogue.ewater.org.au%3A8443%2Fconnect%2Fendsession%2Fcallback%3FendSessionId%3DCfDJ8GpmCX0XUGlMgYi2yAt2aD1tSJ_2H3Sa_6r8DEmNxL7gVFwT8I9gSTxW_i4EwH4oCaflb4MkZqTSbAgt1jg5rSn7Z4K24CTuPZto0_XaIqpysPs3rEX5RepJ9HNORu4KqjWIasF_GDxXHVstS-cciLVv9EZWqN6q0r_gul3ZIQMfXYC081lQHGEPgpET1KU81yQWdJtCEAFwqhTJK69vhV8H3W_cw1ZFNlH5ZXYbrLBuvlmZJhZXpcgtJoITfHxZUg8liNI-4L8uOlcTOms_-CNM8iGtJxCfJZBnkLIf9h6z0NyZnFGsfKV4H0gFqEYYDtWrGDomDnlDL8-HjyVgp5M&Culture=en-AU&UICulture=en-AU&PageContext=Microsoft.AspNetCore.Mvc.RazorPages.PageContext

We aren't fussy, we don't need to log out the whole Azure OpenId session for every site that is using it, we just need this ABP site not to hang.


18 Answer(s)
  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Can you share the full logs?

  • User Avatar
    0
    Chris.Didonna created

    The browser error is :

    Se @ main.js:1
    Volo.Abp.Account.Public.Web.Pages.Account.LoggedOutModel.EDDCA25265E1322DDB0FD797A7078293.js?_v=638532254489478523:1  Uncaught TypeError: Cannot read properties of null (reading 'getAttribute')
        at Volo.Abp.Account.Public.Web.Pages.Account.LoggedOutModel.EDDCA25265E1322DDB0FD797A7078293.js?_v=638532254489478523:1:138
    test-catalogue.ewater.org.au/:1 
    

    The code raising that error is ".getAttribute("cname")" here:

    document.addEventListener("DOMContentLoaded", function() {
        setTimeout(function() {
            window.clientName = document.getElementById("redirectButton").getAttribute("cname");
            window.location = document.getElementById("redirectButton").getAttribute("href")
        }, 3e3)
    });
    
    

    The webapi log just has info messages in it from sign in to sign out.

    2024-06-06 09:10:20.454 +10:00 [INF] AuthenticationScheme: "OpenIdConnect" was challenged. [Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler]
     2024-06-06 09:10:21.584 +10:00 [INF] AuthenticationScheme: "Identity.External" signed in. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler]
     2024-06-06 09:10:21.619 +10:00 [INF] AuthenticationScheme: "Identity.External" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler]
     2024-06-06 09:10:21.630 +10:00 [INF] AuthenticationScheme: "Identity.Application" signed in. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler]
     2024-06-06 09:10:21.684 +10:00 [INF] AuthenticationScheme: "Identity.Application" signed in. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler]
     2024-06-06 09:10:25.493 +10:00 [INF] AuthenticationScheme: "Identity.Application" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler]
     2024-06-06 09:10:25.493 +10:00 [INF] AuthenticationScheme: "Identity.External" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler]
     2024-06-06 09:10:25.493 +10:00 [INF] AuthenticationScheme: "Identity.TwoFactorUserId" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler]
     2024-06-06 09:10:25.502 +10:00 [INF] AuthenticationScheme: "Identity.Application" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler]
     2024-06-06 09:10:25.502 +10:00 [INF] AuthenticationScheme: "Identity.External" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler]
     2024-06-06 09:10:25.502 +10:00 [INF] AuthenticationScheme: "Identity.TwoFactorUserId" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler]
    
  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    hi,

    This may be a problem, you can try overriding the LoggedOut.js file

    Put the LoggedOut.js file in the /Pages/Account/ path

    document.addEventListener("DOMContentLoaded", function (event) {
        setTimeout(function () {
        
            var redirectButton = document.getElementById("redirectButton");
            if(redirectButton){
                window.clientName = redirectButton.getAttribute("cname");
                window.location = redirectButton.getAttribute("href");
            }
        }, 3000)
    });
    
  • User Avatar
    0
    Chris.Didonna created

    hi,

    This may be a problem, you can try overriding the LoggedOut.js file

    Put the LoggedOut.js file in the /Pages/Account/ path

    document.addEventListener("DOMContentLoaded", function (event) { 
        setTimeout(function () { 
         
            var redirectButton = document.getElementById("redirectButton"); 
            if(redirectButton){ 
                window.clientName = redirectButton.getAttribute("cname"); 
                window.location = redirectButton.getAttribute("href"); 
            } 
        }, 3000) 
    }); 
    

    I don't have that path in the Angular site. Is it on the Host? Or do I need to make it from scratch and it will just work?

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    You can add to the Host project

  • User Avatar
    0
    Chris.Didonna created

    I put that under the wwwroot folder, still doesn't redirect after sign out.

    It does work (and already worked) when running the host in debug from VS though, maybe there's some other config when it is deployed to IIS that needs to happen?

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    /Pages/Account/ not wwwroot

  • User Avatar
    0
    Chris.Didonna created

    To clarify:

    If I do /Pages/Account the Host doesn't load.

    I then tried wwwroot/Pages/Account and no effect.

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    This is the PR that will fix the problem.

    https://github.com/abpframework/abp/pull/19983

    If I do /Pages/Account the Host doesn't load.

    can you share some screenshots

  • User Avatar
    0
    Chris.Didonna created

    Ok Host loaded on a second try (must have been a temporary glitch).

    Tried again deployed to TEST environment, no effect.

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Can you share some screenshots?

    is there any error log.

  • User Avatar
    0
    Chris.Didonna created

    Errors posted in previous replies.

    What would you like a screenshot of?

  • User Avatar
    0
    Chris.Didonna created

    The previous version of the code is still working in the production environment. I've compared the URL on logout there with our test environment and I notice the test environment is missing this parameter: &PostLogoutRedirectUri=

    I suspect that's why test doesn't redirect, it hasn't been told where to go. Why would this not be included in the URL? I checked and a value has been defined on the site:

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    You can try remove the Front channel logout uri

  • User Avatar
    0
    Chris.Didonna created

    Sadly still no effect. I went through all the PROD settings for the IdentityServer clients and changed the TEST values to follow the pattern but still no redirect on logout. The sign out url in TEST still didn't have &PostLogoutRedirectUri= in it.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    The sign out url in TEST still didn't have &PostLogoutRedirectUri= in it.

    There must be some configuration differences between PROD and TEST.

    Please try to clear the Cache and check the database values.

    Also, please share the full logs.txt file for the TEST environment.

    liming.ma@volosoft.com

  • User Avatar
    0
    Chris.Didonna created

    Here's a log from today with a couple of sign outs: 2024-06-20 08:17:54.309 +10:00 [INF] Starting eWater.Repros.HttpApi.Host. [] 2024-06-20 08:17:59.315 +10:00 [INF] Date format check for 31 December 2020 - DateFormat = 12/31/2020, Current Culture = [eWater.Repros.Startup] 2024-06-20 08:18:08.329 +10:00 [INF] AuthenticationScheme: "OpenIdConnect" was challenged. [Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler] 2024-06-20 08:19:29.037 +10:00 [INF] AuthenticationScheme: "Identity.External" signed in. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler] 2024-06-20 08:19:29.522 +10:00 [INF] AuthenticationScheme: "Identity.External" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler] 2024-06-20 08:19:29.767 +10:00 [INF] AuthenticationScheme: "Identity.Application" signed in. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler] 2024-06-20 08:19:30.542 +10:00 [INF] AuthenticationScheme: "Identity.Application" signed in. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler] 2024-06-20 08:20:30.229 +10:00 [INF] AuthenticationScheme: "Identity.Application" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler] 2024-06-20 08:20:30.229 +10:00 [INF] AuthenticationScheme: "Identity.External" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler] 2024-06-20 08:20:30.230 +10:00 [INF] AuthenticationScheme: "Identity.TwoFactorUserId" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler] 2024-06-20 08:20:30.315 +10:00 [INF] AuthenticationScheme: "Identity.Application" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler] 2024-06-20 08:20:30.315 +10:00 [INF] AuthenticationScheme: "Identity.External" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler] 2024-06-20 08:20:30.315 +10:00 [INF] AuthenticationScheme: "Identity.TwoFactorUserId" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler] 2024-06-20 08:20:52.663 +10:00 [INF] AuthenticationScheme: "OpenIdConnect" was challenged. [Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler] 2024-06-20 08:21:08.328 +10:00 [INF] AuthenticationScheme: "Identity.External" signed in. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler] 2024-06-20 08:21:08.368 +10:00 [INF] AuthenticationScheme: "Identity.External" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler] 2024-06-20 08:21:08.381 +10:00 [INF] AuthenticationScheme: "Identity.Application" signed in. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler] 2024-06-20 08:21:08.452 +10:00 [INF] AuthenticationScheme: "Identity.Application" signed in. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler]

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    Hi

    Please share the full logs.txt file for the TEST environment.

Made with ❤️ on ABP v9.1.0-preview. Updated on November 11, 2024, 11:11