BackChannelLogoutUri with multi-tenant scenario

悲&欢浪女 2021-01-23 07:05

I am currently working with Identity Server 4, where I am trying to enable BackChannelLogoutUri.

Each client has been given a BackChannelLogoutUri in the config of the c

1 answer
  •  南方客 (original poster)
    2021-01-23 07:43

    I've implemented the backchannel logout without having to rely on iframes. What it basically does is collect the necessary URLs and then send the notifications.

    I don't have tenants, so this will work for me. But you can adapt the code and add the logic for tenants, as commented in the code:

    // Injected services:
    
    //private readonly IUserSession _userSession;
    //private readonly IClientStore _clientStore;
    //private readonly IBackChannelLogoutService _backChannelClient;
    //private readonly IEventService _events;
    
    private async Task LogoutUserAsync(string logoutId)
    {
        if (User?.Identity.IsAuthenticated == true)
        {
            // delete local authentication cookie
            await HttpContext.SignOutAsync();
    
            // Get all clients from the user's session
            var clientIds = await _userSession.GetClientListAsync();
            if (clientIds.Any())
            {
                var backChannelClients = new List<BackChannelLogoutModel>();
                var sessionId = await _userSession.GetSessionIdAsync();
                var sub = User.Identity.GetSubjectId();
    
                foreach (var clientId in clientIds)
                {
                    var client = await _clientStore.FindEnabledClientByIdAsync(clientId);
                    // This should be valid in any case:
                    // skip clients that are missing or have no back-channel logout URI
                    if (client == null || string.IsNullOrEmpty(client.BackChannelLogoutUri))
                        continue;
    
                    // Insert here the logic to retrieve the tenant url for this client
                    // and replace the uri:
                    var tenantLogoutUri = client.BackChannelLogoutUri;
    
                    backChannelClients.Add(new BackChannelLogoutModel
                    {
                        ClientId = client.ClientId,
                        LogoutUri = tenantLogoutUri,
                        SubjectId = sub,
                        SessionId = sessionId,
                        SessionIdRequired = true
                    });
                }
    
                try
                {
                    await _backChannelClient.SendLogoutNotificationsAsync(backChannelClients);
                }
                catch (Exception ex)
                {
                    // Log message
                }
            }
    
            // raise the logout event
            await _events.RaiseAsync(new UserLogoutSuccessEvent(User.GetSubjectId(), User.GetDisplayName()));
        }
    }
    

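One way to fill in the "retrieve the tenant url for this client" step from the answer above, as an added example that is not code from the answer or from IdentityServer4. It assumes (hypothetically) that the registered BackChannelLogoutUri carries a `{tenant}` placeholder as its leftmost host label and that the tenant name and the set of known tenants come from your own tenant store; `TenantLogoutUri.Resolve` and the sample host names are invented for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Text.RegularExpressions;

// Added example: hypothetical helper, not part of IdentityServer4.
public static class TenantLogoutUri
{
    private const string Placeholder = "{tenant}"; // assumed template convention

    // One lowercase DNS label: no dots, slashes, '@' or ':' that could point
    // the logout token at another host. \z also rejects a trailing newline.
    private static readonly Regex Label =
        new Regex(@"^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\z");

    // Returns the URI to notify, or null when this client must be skipped.
    public static string Resolve(string registeredUri, string tenant, ISet<string> knownTenants)
    {
        if (string.IsNullOrEmpty(registeredUri)) return null;
        if (!registeredUri.Contains(Placeholder)) return registeredUri; // not tenant-specific

        if (tenant == null || !Label.IsMatch(tenant) || !knownTenants.Contains(tenant))
            return null;

        var candidate = registeredUri.Replace(Placeholder, tenant);
        if (!Uri.TryCreate(candidate, UriKind.Absolute, out var uri)) return null;

        // The logout token identifies the user (sub) and session (sid): HTTPS only,
        // no embedded credentials, and the tenant must be the leftmost host label.
        if (uri.Scheme != Uri.UriSchemeHttps || uri.UserInfo.Length != 0) return null;
        if (!uri.Host.StartsWith(tenant + ".", StringComparison.Ordinal)) return null;

        return uri.AbsoluteUri;
    }

    public static void Main()
    {
        // Constructed sample data
        var tenants = new HashSet<string> { "acme", "globex" };
        const string template = "https://{tenant}.app.example.com/signout-backchannel";

        Console.WriteLine(Resolve(template, "acme", tenants) ?? "(skipped)");
        Console.WriteLine(Resolve(template, "other.example/x", tenants) ?? "(skipped)");
        Console.WriteLine(Resolve(template, "unknown", tenants) ?? "(skipped)");
    }
}
```

In the loop from the answer, a null result would be handled like a missing BackChannelLogoutUri: skip the client and log it rather than sending the notification.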