Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Single-Sign-Off does not work after upgrade #1492

Closed
1 task done
feededit opened this issue Aug 3, 2022 · 6 comments
Closed
1 task done

Single-Sign-Off does not work after upgrade #1492

feededit opened this issue Aug 3, 2022 · 6 comments
Labels
question sponsor

Comments

@feededit
Copy link

feededit commented Aug 3, 2022

Confirm you've already contributed to this project or that you sponsor it

  • I confirm I'm a sponsor or a contributor

Version

4.x (in preview)

Describe the bug

upgraded Velusia.Client to 4.0.
everything works fine.

But when Velusia.Client logs off,
Velusia.Server is not logged off.

To reproduce

Original unmodified Velusia.Client sample

Exceptions (if any)

No response
@feededit feededit added the bug label Aug 3, 2022
@kevinchalet
Copy link
Member

It's not a bug: the OpenIddict client doesn't support logout yet.

@feededit
Copy link
Author

feededit commented Aug 4, 2022

And what certificate does Velusia.Client use?

  1. Using the certificate from the Velusia.Client sample as is

  2. Jointly use the already installed certificate with Velusia.Server.

  3. Do I need to create a new client certificate?

@kevinchalet
Copy link
Member

Do I need to create a new client certificate?

Yep, it's the right option: generate a new pair of signing and encryption certificates just like you did for the server certificates.

I opened #1496 to track adding logout support in the client.

@kevinchalet kevinchalet added question and removed bug labels Aug 4, 2022
@kevinchalet
Copy link
Member

@feededit FYI, logout support was added in 4.0.0-preview3, that was released today: https://github.com/openiddict/openiddict-core/releases/tag/4.0.0-preview3

Both the Velusia and Mortis client samples were updated to target preview3:

@feededit
Copy link
Author

Note: when only one client is registered in the client options, setting the issuer property is not required and can be omitted.

Ask about [client options].

LogIn

public ActionResult LogIn(string returnUrl)
{
    var properties = new AuthenticationProperties(new Dictionary<string, string>
    {
        // [OpenIddictClientAspNetCoreConstants.Properties.Issuer] = "https://localhost:44313/"
    })

     ~~~~~~

}

LogOut

public async Task<ActionResult> LogOut(string returnUrl)
{
    var properties = new AuthenticationProperties(new Dictionary<string, string>
    {
        //[OpenIddictClientAspNetCoreConstants.Properties.Issuer] = "https://localhost:44313/",
        //[OpenIddictClientAspNetCoreConstants.Properties.IdentityTokenHint] = result.Properties.GetTokenValue(OpenIddictClientAspNetCoreConstants.Tokens.BackchannelIdentityToken)
     }

     ~~~~~~~
}

login works.

but why doesn't logout work?

@kevinchalet kevinchalet mentioned this issue Sep 1, 2022
Merged
@feededit
Copy link
Author

feededit commented Sep 2, 2022 

[HttpPost("~/logout"), ValidateAntiForgeryToken]
public async Task<ActionResult> LogOut(string returnUrl)
{

It's not an error, but I fixed it like this:

[HttpGet("~/logout"), HttpPost("~/logout"), ValidateAntiForgeryToken]
public async Task<ActionResult> LogOut(string returnUrl)
{

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question sponsor
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kevinchalet @feededit