Ali*_*liK 5 c# asp.net-core asp.net-core-identity asp.net-core-2.0
我有Asp.net核心身份版本2.0设置和运行.我发现,_signinManager.SignoutAsync一旦用户登录Google ,就无法注销用户.当我回到我的登录方法时,它只显示用户登录时其Claim对象仍然完好无损.
代码非常简单,如下所示
[AllowAnonymous]
public ActionResult TestGoogle()
{
var redirectUrl = Url.Action(nameof(ExternalCallback), "Account", new { ReturnUrl = "" });
var properties = _signInManager.ConfigureExternalAuthenticationProperties("Google", redirectUrl);
return Challenge(properties, "Google");
}
public async Task<IActionResult> LogOff()
{
await _signInManager.SignOutAsync();
return RedirectToAction(nameof(HomeController.Index), "Home");
}
McG*_*V10 15
问题是您RedirectToAction将重定向覆盖到发出的Identity Server endsession URL SignOutAsync.
至于SignOutAsync什么是过时的Authentication部分 - 从ASP.NET Core 2.0开始,它HttpContext本身就是一个扩展.
(微软的HaoK 在这里给出了相同的注销问题的相同解释.)
编辑:解决方案是AuthenticationProperties在最终的对象中发送重定向URL SignOutAsync:
// in some controller/handler, notice the "bare" Task return value
public async Task LogoutAction()
{
// SomeOtherPage is where we redirect to after signout
await MyCustomSignOut("/SomeOtherPage");
}
// probably in some utility service
public async Task MyCustomSignOut(string redirectUri)
{
// inject the HttpContextAccessor to get "context"
await context.SignOutAsync("Cookies");
var prop = new AuthenticationProperties()
{
RedirectUri = redirectUri
};
// after signout this will redirect to your provided target
await context.SignOutAsync("oidc", prop);
}
| 归档时间: |
|
| 查看次数: |
6314 次 |
| 最近记录: |