Open Closed

Logout from External Provider #7453


User avatar
0
neethucp created
  • ABP Framework version: v8.2.0
  • UI Type: Blazor Server
  • Database System: EF Core
  • Tiered (for MVC) or Auth Server Separated (for Angular): yes

Hi,

We have integrated Azure AD authentication in our application. However, when we try to logout, it does not logout from Azure AD. Can you please guide us on how to implement logout from external provider in abp?


29 Answer(s)
  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    For example:

    [Route("connect/logout")]
    [ApiExplorerSettings(IgnoreApi = true)]
    [Dependency(ReplaceServices = true)]
    [ExposeServices(typeof(LogoutController))]
    public class MyLogoutController : LogoutController
    {
        [HttpGet]
        public async override Task<IActionResult> GetAsync()
        {
            await SignInManager.SignOutAsync();
    
            var post_logout_redirect_uri = HttpContext.Request.Query["post_logout_redirect_uri"].ToString();
            
            return SignOut(authenticationSchemes: "AzureAD" , properties: new AuthenticationProperties()
            {
                RedirectUri = post_logout_redirect_uri.Replace("signout-callback-oidc", "")
            });
        }
    }
    
  • User Avatar
    0
    neethucp created

    Hi,

    This doesn't look right to me. Auth server is supposed to validate the post logout redirect uri against the uris registered for the client application and then invoke the post logout redirect uri which will be handled by OpenIdConnectHandler in the client application. The client application then decides which page to display.

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    You can try

    [Route("connect/logout")]
    [ApiExplorerSettings(IgnoreApi = true)]
    [Dependency(ReplaceServices = true)]
    [ExposeServices(typeof(LogoutController))]
    public class MyLogoutController : LogoutController
    {
        [HttpGet]
        public async override Task<IActionResult> GetAsync()
        {
            await SignInManager.SignOutAsync();
    
            var post_logout_redirect_uri = HttpContext.Request.Query["post_logout_redirect_uri"].ToString();
            
            return SignOut(authenticationSchemes: "AzureAD" , properties: new AuthenticationProperties()
            {
                RedirectUri ="https://localhost:44322/account/loggedout?PostLogoutRedirectUri="+ post_logout_redirect_uri.Replace("signout-callback-oidc", "")
            });
        }
    }
    
  • User Avatar
    0
    neethucp created

    Hi,

    Just figured out that we can get the state from the request. Now it is working as expected. Thank you for the support.

Made with ❤️ on ABP v9.1.0-preview. Updated on November 01, 2024, 05:35