我正在尝试让隐式流程为 IdentityServer4 工作。登录和注销工作正常,但是 PostLogoutRedirectUri 返回 null,尽管设置了需要设置的值。我想要的是注销过程在注销完成后重定向回我的应用程序。
我正确获取了 logoutId,并且 Logout 调用了 BuildLoggedOutViewModelAsync:
[HttpPost]
[ValidateAntiForgeryToken]
public async Task<IActionResult> Logout(LogoutInputModel model)
{
var vm = await _account.BuildLoggedOutViewModelAsync(model.LogoutId);
...
这个方法位于我的AccountService.cs类中,然后调用DefaultIdentityServiceInteractionService的GetLogoutContextAsync:
public async Task<LoggedOutViewModel> BuildLoggedOutViewModelAsync(string logoutId)
{
// get context information (client name, post logout redirect URI and iframe for federated signout)
var logout = await _interaction.GetLogoutContextAsync(logoutId);
...
这会创建一个 IdentityServer4.Models.LogoutRequest。
SignOutIFrameUrl
字符串属性设置为,但"http://localhost:5000/connect/endsession/callback?sid=bf112f7785bc860fcc4351893012622e&logoutId=d6649e7f818d9709b2c0bc659696abdf"
LogoutRequest 中似乎没有填充任何其他内容。
不幸的是,这意味着PostLogoutRedirectUri
是空的,而AutomaticRedirectAfterSignOut
也是空的,当LoggedOut.cshtml
页面加载时,signout-callback.js
文件永远不会加载:
@section scripts
{
@if (Model.AutomaticRedirectAfterSignOut)
{
<script src="~/js/signout-redirect.js"></script>
}
}
这是我的配置设置。
配置文件:
public static IEnumerable<Client> GetClients()
{
return new List<Client>
{
new Client
{
ClientId = "implicit.client",
AllowedGrantTypes = GrantTypes.Implicit,
AllowAccessTokensViaBrowser = true,
AllowedScopes =
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
"ContractManagerAPI"
},
RedirectUris = { "http://localhost:9000/" },
PostLogoutRedirectUris = { "http://localhost:9000/" },
AllowedCorsOrigins = { "http://localhost:9000" },
RequireConsent = false,
}
};
}
app.ts(js客户端):
import {UserManager} from 'oidc-client';
import { inject, Factory } from 'aurelia-framework';
@inject(Factory.of(UserManager))
export class App {
userManager: UserManager;
constructor(userManagerFactory){
let config = {
authority: 'http://localhost:5000',
client_id: 'implicit.client',
response_type: 'id_token token',
scope: 'openid profile ContractManagerAPI',
redirect_uri: 'http://localhost:9000/',
post_logout_redirect_uri: 'http://localhost:9000/'
};
this.userManager = userManagerFactory(config);
}
login(){
this.userManager.signinRedirect();
}
logout(){
this.userManager.signoutRedirect();
}
}
Startup.cs 的相关部分:
services.AddIdentityServer()
.AddTemporarySigningCredential()
.AddInMemoryApiResources(Config.GetApiResources())
.AddInMemoryClients(Config.GetClients())
.AddInMemoryIdentityResources(Config.GetIdentityResources())
.AddContractManagerUserStore()
.AddProfileService<ContractManagerProfileService>();
在找出我哪里出错的任何帮助将不胜感激。
谢谢!