OpenId Logout occurs but logout message page does not redirect #7296 | Support

Chris.Didonna created 5 months ago

ABP Framework version: v5.3.0
UI Type: Angular
Database System: EF Core (PostgreSQL.)
Tiered (for MVC) or Auth Server Separated (for Angular): no

We are using Azure B2C as our OpenId provider. Login and logout work fine, but the logout message page does not redirect.

Steps to reproduce the issue:

Set all redirect URIS in IdentityServerClientRedirectURIs and IdentityServerClientPostLogoutRedirectUris and IdentityServer Clients to the root address for the site
Set Require Front Channel and Require Back Channel Logout Sessions to false
Add the address to HttpApi.Host > AppSettings.json > App > RedirectAllowedUrls.
Logout page loads but does not redirect. It produces this URL:

https://test-catalogue.ewater.org.au:8443/Account/LoggedOut?ClientName=Repros_App&SignOutIframeUrl=https%3A%2F%2Ftest-catalogue.ewater.org.au%3A8443%2Fconnect%2Fendsession%2Fcallback%3FendSessionId%3DCfDJ8GpmCX0XUGlMgYi2yAt2aD1tSJ_2H3Sa_6r8DEmNxL7gVFwT8I9gSTxW_i4EwH4oCaflb4MkZqTSbAgt1jg5rSn7Z4K24CTuPZto0_XaIqpysPs3rEX5RepJ9HNORu4KqjWIasF_GDxXHVstS-cciLVv9EZWqN6q0r_gul3ZIQMfXYC081lQHGEPgpET1KU81yQWdJtCEAFwqhTJK69vhV8H3W_cw1ZFNlH5ZXYbrLBuvlmZJhZXpcgtJoITfHxZUg8liNI-4L8uOlcTOms_-CNM8iGtJxCfJZBnkLIf9h6z0NyZnFGsfKV4H0gFqEYYDtWrGDomDnlDL8-HjyVgp5M&Culture=en-AU&UICulture=en-AU&PageContext=Microsoft.AspNetCore.Mvc.RazorPages.PageContext

We aren't fussy, we don't need to log out the whole Azure OpenId session for every site that is using it, we just need this ABP site not to hang.

18 Answer(s)

0

liangshiwei created 5 months ago
Support Team Fullstack Developer

Can you share the full logs?

Chris.Didonna created 5 months ago

The browser error is :

Se @ main.js:1
Volo.Abp.Account.Public.Web.Pages.Account.LoggedOutModel.EDDCA25265E1322DDB0FD797A7078293.js?_v=638532254489478523:1  Uncaught TypeError: Cannot read properties of null (reading 'getAttribute')
    at Volo.Abp.Account.Public.Web.Pages.Account.LoggedOutModel.EDDCA25265E1322DDB0FD797A7078293.js?_v=638532254489478523:1:138
test-catalogue.ewater.org.au/:1

The code raising that error is ".getAttribute("cname")" here:

document.addEventListener("DOMContentLoaded", function() {
    setTimeout(function() {
        window.clientName = document.getElementById("redirectButton").getAttribute("cname");
        window.location = document.getElementById("redirectButton").getAttribute("href")
    }, 3e3)
});

The webapi log just has info messages in it from sign in to sign out.

2024-06-06 09:10:20.454 +10:00 [INF] AuthenticationScheme: "OpenIdConnect" was challenged. [Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler]
 2024-06-06 09:10:21.584 +10:00 [INF] AuthenticationScheme: "Identity.External" signed in. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler]
 2024-06-06 09:10:21.619 +10:00 [INF] AuthenticationScheme: "Identity.External" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler]
 2024-06-06 09:10:21.630 +10:00 [INF] AuthenticationScheme: "Identity.Application" signed in. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler]
 2024-06-06 09:10:21.684 +10:00 [INF] AuthenticationScheme: "Identity.Application" signed in. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler]
 2024-06-06 09:10:25.493 +10:00 [INF] AuthenticationScheme: "Identity.Application" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler]
 2024-06-06 09:10:25.493 +10:00 [INF] AuthenticationScheme: "Identity.External" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler]
 2024-06-06 09:10:25.493 +10:00 [INF] AuthenticationScheme: "Identity.TwoFactorUserId" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler]
 2024-06-06 09:10:25.502 +10:00 [INF] AuthenticationScheme: "Identity.Application" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler]
 2024-06-06 09:10:25.502 +10:00 [INF] AuthenticationScheme: "Identity.External" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler]
 2024-06-06 09:10:25.502 +10:00 [INF] AuthenticationScheme: "Identity.TwoFactorUserId" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler]

liangshiwei created 5 months ago

Support Team Fullstack Developer

hi,

This may be a problem, you can try overriding the LoggedOut.js file

Put the LoggedOut.js file in the /Pages/Account/ path

document.addEventListener("DOMContentLoaded", function (event) {
    setTimeout(function () {
    
        var redirectButton = document.getElementById("redirectButton");
        if(redirectButton){
            window.clientName = redirectButton.getAttribute("cname");
            window.location = redirectButton.getAttribute("href");
        }
    }, 3000)
});

Chris.Didonna created 5 months ago

hi,

This may be a problem, you can try overriding the LoggedOut.js file

Put the LoggedOut.js file in the /Pages/Account/ path

document.addEventListener("DOMContentLoaded", function (event) { 
    setTimeout(function () { 
     
        var redirectButton = document.getElementById("redirectButton"); 
        if(redirectButton){ 
            window.clientName = redirectButton.getAttribute("cname"); 
            window.location = redirectButton.getAttribute("href"); 
        } 
    }, 3000) 
});

I don't have that path in the Angular site. Is it on the Host? Or do I need to make it from scratch and it will just work?

0

liangshiwei created 5 months ago
Support Team Fullstack Developer

You can add to the Host project
0

Chris.Didonna created 5 months ago

I put that under the wwwroot folder, still doesn't redirect after sign out.

It does work (and already worked) when running the host in debug from VS though, maybe there's some other config when it is deployed to IIS that needs to happen?
0

liangshiwei created 5 months ago
Support Team Fullstack Developer

/Pages/Account/ not wwwroot
0

Chris.Didonna created 5 months ago

To clarify:

If I do /Pages/Account the Host doesn't load.

I then tried wwwroot/Pages/Account and no effect.
0

liangshiwei created 5 months ago
Support Team Fullstack Developer

This is the PR that will fix the problem.

https://github.com/abpframework/abp/pull/19983

If I do /Pages/Account the Host doesn't load.

can you share some screenshots
0

Chris.Didonna created 5 months ago

Ok Host loaded on a second try (must have been a temporary glitch).

Tried again deployed to TEST environment, no effect.
0

liangshiwei created 5 months ago
Support Team Fullstack Developer

Can you share some screenshots?

is there any error log.
0

Chris.Didonna created 5 months ago

Errors posted in previous replies.

What would you like a screenshot of?
0

Chris.Didonna created 5 months ago

The previous version of the code is still working in the production environment. I've compared the URL on logout there with our test environment and I notice the test environment is missing this parameter: &PostLogoutRedirectUri=

I suspect that's why test doesn't redirect, it hasn't been told where to go. Why would this not be included in the URL? I checked and a value has been defined on the site:
0

liangshiwei created 5 months ago
Support Team Fullstack Developer

You can try remove the Front channel logout uri
0

Chris.Didonna created 5 months ago

Sadly still no effect. I went through all the PROD settings for the IdentityServer clients and changed the TEST values to follow the pattern but still no redirect on logout. The sign out url in TEST still didn't have &PostLogoutRedirectUri= in it.
0

maliming created 5 months ago
Support Team Fullstack Developer

hi

The sign out url in TEST still didn't have &PostLogoutRedirectUri= in it.

There must be some configuration differences between PROD and TEST.

Please try to clear the Cache and check the database values.

Also, please share the full logs.txt file for the TEST environment.

liming.ma@volosoft.com
0

Chris.Didonna created 5 months ago

Here's a log from today with a couple of sign outs: 2024-06-20 08:17:54.309 +10:00 [INF] Starting eWater.Repros.HttpApi.Host. [] 2024-06-20 08:17:59.315 +10:00 [INF] Date format check for 31 December 2020 - DateFormat = 12/31/2020, Current Culture = [eWater.Repros.Startup] 2024-06-20 08:18:08.329 +10:00 [INF] AuthenticationScheme: "OpenIdConnect" was challenged. [Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler] 2024-06-20 08:19:29.037 +10:00 [INF] AuthenticationScheme: "Identity.External" signed in. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler] 2024-06-20 08:19:29.522 +10:00 [INF] AuthenticationScheme: "Identity.External" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler] 2024-06-20 08:19:29.767 +10:00 [INF] AuthenticationScheme: "Identity.Application" signed in. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler] 2024-06-20 08:19:30.542 +10:00 [INF] AuthenticationScheme: "Identity.Application" signed in. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler] 2024-06-20 08:20:30.229 +10:00 [INF] AuthenticationScheme: "Identity.Application" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler] 2024-06-20 08:20:30.229 +10:00 [INF] AuthenticationScheme: "Identity.External" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler] 2024-06-20 08:20:30.230 +10:00 [INF] AuthenticationScheme: "Identity.TwoFactorUserId" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler] 2024-06-20 08:20:30.315 +10:00 [INF] AuthenticationScheme: "Identity.Application" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler] 2024-06-20 08:20:30.315 +10:00 [INF] AuthenticationScheme: "Identity.External" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler] 2024-06-20 08:20:30.315 +10:00 [INF] AuthenticationScheme: "Identity.TwoFactorUserId" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler] 2024-06-20 08:20:52.663 +10:00 [INF] AuthenticationScheme: "OpenIdConnect" was challenged. [Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler] 2024-06-20 08:21:08.328 +10:00 [INF] AuthenticationScheme: "Identity.External" signed in. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler] 2024-06-20 08:21:08.368 +10:00 [INF] AuthenticationScheme: "Identity.External" signed out. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler] 2024-06-20 08:21:08.381 +10:00 [INF] AuthenticationScheme: "Identity.Application" signed in. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler] 2024-06-20 08:21:08.452 +10:00 [INF] AuthenticationScheme: "Identity.Application" signed in. [Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler]
0

maliming created 5 months ago
Support Team Fullstack Developer

Hi

Please share the full logs.txt file for the TEST environment.

Have an answer to this question? Log in and write your answer.