Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

ASP.NET Core Identity 2.0 SignoutAsync is not logging out user if the user signed in with Google

Tags:

c#

asp.net-core

asp.net-core-2.0

asp.net-core-identity

I have Asp.net Core Identity version 2.0 Set up and running. I am finding that _signinManager.SignoutAsync is not logging out user once they have signed in with Google. When I go back to my Login Method it just shows the User as logged in with their Claims object still intact.

The code is really simple as below

[AllowAnonymous]
public ActionResult TestGoogle()
{
    var redirectUrl = Url.Action(nameof(ExternalCallback), "Account", new { ReturnUrl = "" });
    var properties = _signInManager.ConfigureExternalAuthenticationProperties("Google", redirectUrl);
    return Challenge(properties, "Google");
}


public async Task<IActionResult> LogOff()
{
    await _signInManager.SignOutAsync();
    return RedirectToAction(nameof(HomeController.Index), "Home");
}
like image 823
AliK Avatar asked Sep 09 '17 14:09

AliK

2 Answers

The problem is that your RedirectToAction overwrites the redirect to the Identity Server endsession URL that SignOutAsync issues.

As for SignOutAsync, what is obsolete is the Authentication portion -- as of ASP.NET Core 2.0 it's an extension directly off HttpContext itself.

(The same explanation for the same signout problem is given here by Microsoft's HaoK.)

Edit: The solution is to send a redirect URL in an AuthenticationProperties object with the final SignOutAsync:

// in some controller/handler, notice the "bare" Task return value
public async Task LogoutAction()
{
    // SomeOtherPage is where we redirect to after signout
    await MyCustomSignOut("/SomeOtherPage");
}

// probably in some utility service
public async Task MyCustomSignOut(string redirectUri)
{
    // inject the HttpContextAccessor to get "context"
    await context.SignOutAsync("Cookies");
    var prop = new AuthenticationProperties()
    {
        RedirectUri = redirectUri
    };
    // after signout this will redirect to your provided target
    await context.SignOutAsync("oidc", prop);
}
like image 50
McGuireV10 Avatar answered Oct 13 '22 12:10

McGuireV10

Just the first line solved my issue.

await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
await _SignInManager.SignOutAsync();
HttpContext.Response.Cookies.Delete(".AspNetCore.Cookies");
like image 39
Amir Astaneh Avatar answered Oct 13 '22 12:10

Amir Astaneh
Sign in to Comment

Related questions

How to have users change their passwords after the first login?
Cannot find a way to add a placeholder for an MVC 5 DropDownListFor
Convert String[] to List<SelectList>
Redirect user after authentication with OpenIdConnect in ASP.Net MVC
Reference in two projects
Azure Container Name RegEx
Naming convention: How to name a different version of the same class?
CORS headers missing when deployed on Azure Web App / Azure API
Do comments slow down a compiled language?
Why can't I override my interface methods?
Handling JWT expiration in .NET MVC-application
Serialize parquet data with C#
Visual studio (MAC) Console Application [duplicate]
How to use joins with generic repository pattern - Entity Framework
Quad tree and Kd tree
How do I dynamically change dynamodb tablename in c# using object persistence model
SharePointOnlineCredentials Missing or not found
Filter all queries (trying to achieve soft delete)
Asp.NET Core json file or data path - where to put it
Could not load file or assembly 'Microsoft.VisualStudio.VC.Interfaces

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!