Hi,
We have this issue raised by the customer that they are getting "Unauthorized" message while they are in the middle of updating some forms and they are forced to reload the page without saving the updates they made. That is the reason that we are looking for a refresh token mechanism so that they don't get the unauthorized messages while they are actively using the application.
Hi,
Just figured out that we can get the state from the request. Now it is working as expected. Thank you for the support.
Hi,
This doesn't look right to me. Auth server is supposed to validate the post logout redirect uri against the uris registered for the client application and then invoke the post logout redirect uri which will be handled by OpenIdConnectHandler in the client application. The client application then decides which page to display.
@liangshiwei The blazor application has initiated an oidc signout flow and the expectation is that auth server will redirect back to the post logout uri with a state param.
It shows a blank page as state is missing in the signout-callback uri
This is my logout controller now. The HttpContext.Request has the post redirect uri of the blazor client application.
But it is not invoking the blazor post redirect uri when I login through external provider. Can you please help on how I can implement this?
Hi, The logout is working, but it is redirecting back to the auth server login page. How can we invoke the post logout uri of the client application?
Hi,
Is there any update on this?
Hi,
I have just added the configuration as mentioned in the document.
https://docs.abp.io/en/commercial/latest/modules/account#ipostconfigureaccountexternalprovideroptions
I have also added dynamic options configuration in the identity service. Login is working perfectly. When I checked the AbpAccountAuthenticationRequestHandler I couldn't find any handling for Signout.
The following is our configuration. Added client credentials as dynamic options, so that each tenant can configure their own credentials.
OnGetAsync of logout model is not even getting executed. Is there anything else I have to do to make this work? Is the configuration added in Auth Server in the sample you provided?
