Compare commits
8 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 khwezi
|
f001b02633 | ||
 Khwezi Mngoma
|
90a11dc65e | ||
|
khwezi
|
de955a96a8 | ||
|
Khwezi Mngoma
|
cdf5cfb5cd | ||
|
khwezi
|
c4d3bb4cdf | ||
|
Khwezi Mngoma
|
65f102f18a | ||
|
khwezi
|
cdc80db214 | ||
|
Khwezi Mngoma
|
4576b5aa2b |
@@ -42,24 +42,13 @@ public static class Api
|
|||||||
options.Scope.Add("profile");
|
options.Scope.Add("profile");
|
||||||
options.Scope.Add("email");
|
options.Scope.Add("email");
|
||||||
|
|
||||||
options.Events = new OpenIdConnectEvents
|
options.CorrelationCookie.SecurePolicy = CookieSecurePolicy.Always;
|
||||||
{
|
options.CorrelationCookie.SameSite = SameSiteMode.None;
|
||||||
OnRedirectToIdentityProvider = context =>
|
options.CorrelationCookie.HttpOnly = true;
|
||||||
{
|
|
||||||
if (!string.IsNullOrEmpty(context.ProtocolMessage.RedirectUri) && context.ProtocolMessage.RedirectUri.StartsWith("http://", StringComparison.OrdinalIgnoreCase))
|
|
||||||
{
|
|
||||||
var uriBuilder = new UriBuilder(context.ProtocolMessage.RedirectUri)
|
|
||||||
{
|
|
||||||
Scheme = "https",
|
|
||||||
Port = -1,
|
|
||||||
};
|
|
||||||
|
|
||||||
context.ProtocolMessage.RedirectUri = uriBuilder.Uri.ToString();
|
options.NonceCookie.SecurePolicy = CookieSecurePolicy.Always;
|
||||||
}
|
options.NonceCookie.SameSite = SameSiteMode.None;
|
||||||
|
options.NonceCookie.HttpOnly = true;
|
||||||
return Task.CompletedTask;
|
|
||||||
},
|
|
||||||
};
|
|
||||||
});
|
});
|
||||||
|
|
||||||
return services;
|
return services;
|
||||||
@@ -112,30 +101,14 @@ public static class Api
|
|||||||
|
|
||||||
app.MapGet("/logout", async (HttpContext context, IHttpClientFactory httpClientFactory, IOptions<AuthentikSettings> settings) =>
|
app.MapGet("/logout", async (HttpContext context, IHttpClientFactory httpClientFactory, IOptions<AuthentikSettings> settings) =>
|
||||||
{
|
{
|
||||||
var authOptions = settings.Value;
|
|
||||||
var accessToken = await context.GetTokenAsync("access_token");
|
|
||||||
|
|
||||||
if (!string.IsNullOrEmpty(accessToken))
|
|
||||||
{
|
|
||||||
try
|
|
||||||
{
|
|
||||||
var client = httpClientFactory.CreateClient();
|
|
||||||
|
|
||||||
var requestContent = new FormUrlEncodedContent(new Dictionary<string, string>(StringComparer.Ordinal)
|
|
||||||
{
|
|
||||||
{ "token", accessToken },
|
|
||||||
{ "client_id", authOptions.ClientId! },
|
|
||||||
{ "client_secret", authOptions.ClientSecret! },
|
|
||||||
});
|
|
||||||
|
|
||||||
await client.PostAsync(authOptions.RevokationEndpoint, requestContent, context.RequestAborted);
|
|
||||||
}
|
|
||||||
catch { }
|
|
||||||
}
|
|
||||||
|
|
||||||
await context.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
|
await context.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
|
||||||
|
|
||||||
return Results.Redirect($"{authOptions.Authority}end-session/");
|
string currentBaseUrl = $"https://{context.Request.Host}{context.Request.PathBase}/";
|
||||||
|
|
||||||
|
await context.SignOutAsync(OpenIdConnectDefaults.AuthenticationScheme, new AuthenticationProperties
|
||||||
|
{
|
||||||
|
RedirectUri = currentBaseUrl
|
||||||
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
return app;
|
return app;
|
||||||
|
|||||||
Reference in New Issue
Block a user