From 366874b2fc43a7c6d4d6b8094997e61b1807e12e Mon Sep 17 00:00:00 2001
From: Philipp Meier
Date: Fri, 25 Oct 2024 14:59:22 +0200
Subject: [PATCH] feat: Improved/simplified sign out.
---
 src/Chrono/ConfigureSecurity.cs | 1 -
 src/Chrono/Features/Users/LoginController.cs | 19 ++++++-------------
 src/Chrono/appsettings.json | 1 -
 3 files changed, 6 insertions(+), 15 deletions(-)
diff --git a/src/Chrono/ConfigureSecurity.cs b/src/Chrono/ConfigureSecurity.cs
index 5bee51e..59400d3 100644
--- a/src/Chrono/ConfigureSecurity.cs
+++ b/src/Chrono/ConfigureSecurity.cs
@@ -26,7 +26,6 @@ public static void AddWebUiSecurityServices(this IServiceCollection services, IC //options.Cookie.SameSite = SameSiteMode.Strict; options.Cookie.Name = configuration["IdentityProvider:CookieName"]; - options.Events.OnSigningOut = e => e.HttpContext.RevokeUserRefreshTokenAsync(); }) .AddOpenIdConnect(options => {
diff --git a/src/Chrono/Features/Users/LoginController.cs b/src/Chrono/Features/Users/LoginController.cs
index c5399e1..eef5121 100644
--- a/src/Chrono/Features/Users/LoginController.cs
+++ b/src/Chrono/Features/Users/LoginController.cs
@@ -2,6 +2,7 @@ using Chrono.Shared.Api; using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authentication.Cookies; +using Microsoft.AspNetCore.Authentication.OpenIdConnect; using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; 
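Review bot: Removing `options.Events.OnSigningOut = e => e.HttpContext.RevokeUserRefreshTokenAsync();` drops the only place where the user's refresh token was (presumably, via the identity provider's revocation endpoint) revoked on sign-out; the OIDC end-session redirect that replaces it ends the provider session but does not by itself invalidate refresh tokens the application already holds. If the OpenID Connect options request `offline_access` — that configuration is outside this hunk, so I cannot confirm it — a refresh token persisted with the session remains usable until it expires, after the user believes they are logged out. Because `SignOut(...)` on the cookie scheme still raises the cookie handler's `SigningOut` event, the handler can simply be kept alongside the new flow; otherwise the commit message should record why revocation is no longer needed. `AddWebUiSecurityServices` continues outside the hunk.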
@@ -9,26 +10,18 @@ namespace Chrono.Features.Users; [Authorize] [ApiExplorerSettings(IgnoreApi = true)] -public class LoginController(IConfiguration config) : ApiControllerBase +public class LoginController : ApiControllerBase { [HttpGet] - public async Task Get([FromQuery] string redirectUrl, [FromQuery] string sign = "in") + public ActionResult Get([FromQuery] string redirectUrl, [FromQuery] string sign = "in") { if (sign == "in") { return Redirect(redirectUrl); } - SignOut("cookie", "oidc"); - - // To ensure that all auth. cookies are being deleted, since ASP.NET Core uses the ChunkingCookieManager for cookie authentication by default. - new ChunkingCookieManager().DeleteCookie(HttpContext, config["IdentityProvider:CookieName"]!, - new CookieOptions()); - - var idToken = await HttpContext.GetTokenAsync("id_token"); - var logoutUrl = config["IdentityProvider:LogoutUrl"]; - - return Redirect( - $"{logoutUrl}?id_token_hint={idToken}&post_logout_redirect_uri={HttpUtility.UrlEncode(redirectUrl)}"); + return SignOut(new AuthenticationProperties { RedirectUri = redirectUrl }, + CookieAuthenticationDefaults.AuthenticationScheme, + OpenIdConnectDefaults.AuthenticationScheme); } }
diff --git a/src/Chrono/appsettings.json b/src/Chrono/appsettings.json
index c7458ec..9eecbaf 100644
--- a/src/Chrono/appsettings.json
+++ b/src/Chrono/appsettings.json
@@ -13,7 +13,6 @@ "CookieName": "ChronoAuth", "Authority": "https://.auth0.com/", "JwksUri": "https://.auth0.com/.well-known/jwks.json", - "LogoutUrl": "https://.auth0.com/oidc/logout", "ClientId": "", "ClientSecret": "" },
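Review bot: The new `return SignOut(new AuthenticationProperties { RedirectUri = redirectUrl }, ...)` passes the caller-supplied `redirectUrl` through unvalidated; as far as I can tell the OIDC handler redirects the browser to that `RedirectUri` once its sign-out callback completes, and the identity provider only checks the handler's own callback path as `post_logout_redirect_uri`, so a link to this endpoint with `sign=out` and an external `redirectUrl` behaves as an open redirect. The sign-in branch's `return Redirect(redirectUrl);` has the same exposure, but it is context here rather than new code. A local-URL guard at the top of the method covers both branches: `if (string.IsNullOrEmpty(redirectUrl) || !Url.IsLocalUrl(redirectUrl)) { redirectUrl = "/"; }`, and if cross-origin targets are genuinely required, compare the value against a configured allow-list instead.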