Infer sign out scheme when using external identity providers and asp.net identity#1265
Merged
brockallen merged 2 commits intoDuendeSoftware:mainfrom Sep 7, 2023
Merged
Infer sign out scheme when using external identity providers and asp.net identity#1265brockallen merged 2 commits intoDuendeSoftware:mainfrom
brockallen merged 2 commits intoDuendeSoftware:mainfrom
Conversation
| // Identity's cookie at sign out time. If the sign out scheme is explicitly | ||
| // set, then we don't override that though. | ||
|
|
||
| if (DefaultAuthSchemeIsAspNetIdentity() && |
Member
There was a problem hiding this comment.
This logic has been refactored a bit to make the intentions clearer
| /// <summary> | ||
| /// Gets a value indicating if the SignOutScheme was set explicitly, either by application logic or by options binding. | ||
| /// </summary> | ||
| public bool SignOutSchemeSetExplicitly { get => _signOutScheme != null; } |
Member
There was a problem hiding this comment.
The options class now understands if the sign out scheme has actually been set. We use that in our configuration so that we don't override a user who is trying to set the scheme explicitly.
Member
|
@brockallen I've made some changes to this PR, would you take a look and review please? |
brockallen
approved these changes
Sep 7, 2023
josephdecock
changed the title
josephdecock
changed the title
Closed
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Redirecting back to client application after logging out from the external identity provider
User is not redirected back to the client application from external identity provider, when identity server is configured for asp.net identity.
Link to the Issue
After some debugging of the duende and Microsoft sources, I've discovered that the reason for the redirection problem is the absence of id token. SignOutScheme which is used to retrieve id token from the user is set to default value, but default authentication scheme after configuring identity server for asp.net identity is changed to Application.Identity.