
.net - How to make front channel logout work in C# + IdentityServer4 + Angular? - Stack Overflow


I need help making front channel logout work in my application that uses C# + IdentityServer4 + Angular. My client configuration in IdentityServer4:

new Client
{
    AccessTokenType = AccessTokenType.Jwt,
    RefreshTokenExpiration = TokenExpiration.Absolute,
    IdentityTokenLifetime = identityTokenLifetime,
    AuthorizationCodeLifetime = authorizationCodeLifetime,
    AccessTokenLifetime = accessTokenLifetime,
    UpdateAccessTokenClaimsOnRefresh = true,
    AllowOfflineAccess = true,
    ClientId = MySiteClients.Portal,
    ClientName = "Portal client",
    ClientSecrets =
    {
        new Secret(MySiteSecrets.Portal.Sha256())
    },
    AllowedGrantTypes = GrantTypes.Implicit,
    AllowAccessTokensViaBrowser = true,
    AlwaysIncludeUserClaimsInIdToken = true,
    AbsoluteRefreshTokenLifetime = coreSettings.AbsoluteRefreshTokenLifetimeInSeconds,
    RequireConsent = false,
    RequirePkce = false,
    RedirectUris =
    {
        $"https://localhost:4200/auth-callback",
        $"https://localhost:4200/silent-refresh.html",
    },
    PostLogoutRedirectUris =
    {
        $"https://localhost:4200/logout-callback",
        $"http://localhost:4200/logout-callback",
        coreSettings.MySiteIdentityServer
    },
    BackChannelLogoutUri = $"{coreSettings.MySiteIdentityServer}/api/logout-backchannel",
    BackChannelLogoutSessionRequired = true,
    FrontChannelLogoutUri = $"https://localhost:4200/frontchannel-logout",
    FrontChannelLogoutSessionRequired = true,
    AllowedCorsOrigins =
    {
        coreSettings.PortalApiService,
        coreSettings.Portal
    },
    AllowedScopes =
    {
        StandardScopes.OpenId,
        StandardScopes.Profile,
        MySiteScopes.PortalApi
    }
}

Angular Component for handling front channel logout:

@Component({
    selector: 'app-frontchannel-logout',
    templateUrl: './frontchannel-logout.component.html'
})
export class FrontChannelLogoutComponent implements OnInit {
    constructor(private router: Router,
                private authService: AuthService,
                private activatedRoute: ActivatedRoute) { }

    ngOnInit() {
        debugger;
        this.activatedRoute.queryParams.subscribe(params => {
            if (params['frontchannel-logout']) {
                this.authService.logout();
            }
        });
    }
}

The problem: Even in IdentityServer4 logs, I do not see any front channel logout request. Back channel logout works fine, but it does not fully solve my problem.

My goal: I want to log out the user from all clients (browsers) simultaneously when they log out from one browser.

Currently, only all tabs within the same browser are logged out. Other browsers still retain the session because they store the token in cookies, which remain valid for 30 minutes. The session in other browsers only expires when the token is no longer valid and fails to refresh due to revocation via back channel logout.

My question: Why isn't front channel logout being triggered? Are there any alternative ways to achieve full logout across all browsers?

Any ideas or suggestions are highly appreciated! Thank you in advance.
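
An added example, not part of the original post and not IdentityServer4 or Angular code: with FrontChannelLogoutSessionRequired = true, the request that reaches the FrontChannelLogoutUri carries the OpenID Connect Front-Channel Logout query parameters sid and iss, and this TypeScript function checks them against the current session before signing out. SessionInfo, checkFrontChannelLogout and the sample issuer and session id are assumptions made for the illustration.

```typescript
// Added example (not from the original post). Sample values are constructed.
interface SessionInfo {
  iss: string; // issuer of the ID token behind the local session
  sid: string; // "sid" claim of that same ID token
}

type LogoutDecision = { logout: true } | { logout: false; reason: string };

// Decide whether a GET on the front-channel logout URI should end the session.
// The URI is reachable by any page that can embed an iframe, so a request is
// honoured only when it names this session's issuer and session id.
function checkFrontChannelLogout(
  requestUrl: string,
  session: SessionInfo | null
): LogoutDecision {
  if (session === null) {
    return { logout: false, reason: "no local session" };
  }
  const params = new URL(requestUrl).searchParams;
  // Repeated or missing parameters are ambiguous: reject instead of guessing.
  if (params.getAll("iss").length !== 1 || params.getAll("sid").length !== 1) {
    return { logout: false, reason: "iss and sid must each appear exactly once" };
  }
  if (params.get("iss") !== session.iss) {
    return { logout: false, reason: "issuer mismatch" };
  }
  if (params.get("sid") !== session.sid) {
    return { logout: false, reason: "session id mismatch" };
  }
  return { logout: true };
}

// Constructed sample session and requests.
const sampleSession: SessionInfo = {
  iss: "https://idp.example.test",
  sid: "constructed-sid-7f3a",
};
const base = "https://localhost:4200/frontchannel-logout";
const sampleRequests = [
  `${base}?sid=constructed-sid-7f3a&iss=${encodeURIComponent(sampleSession.iss)}`,
  `${base}?frontchannel-logout=true`,
  `${base}?sid=someone-elses-sid&iss=${encodeURIComponent(sampleSession.iss)}`,
];
for (const url of sampleRequests) {
  console.log(url, JSON.stringify(checkFrontChannelLogout(url, sampleSession)));
}
```

The iframe that carries this request is loaded by the browser in which the logout happened, so the check runs only there; sessions held by other browsers are outside its reach.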
