Merge pull request #821 from erikpique/feature/626

[BUG] After explicit logout, hit on login, then it is automatically r…
2018-11-14 09:43:51 +01:00 · 2018-11-14 09:43:51 +01:00 · 4cb0e5c620
commit 4cb0e5c620
parent 7b10b57635 641b732224
1 changed files with 12 additions and 10 deletions
--- a/src/Services/Identity/Identity.API/Controllers/AccountController.cs
+++ b/src/Services/Identity/Identity.API/Controllers/AccountController.cs
@ -1,4 +1,9 @@
-using IdentityModel;
+using System;
+using System.Linq;
+using System.Security.Claims;
+using System.Text.Encodings.Web;
+using System.Threading.Tasks;
+using IdentityModel;
 using IdentityServer4;
 using IdentityServer4.Models;
 using IdentityServer4.Services;
@ -11,11 +16,6 @@ using Microsoft.eShopOnContainers.Services.Identity.API.Models;
 using Microsoft.eShopOnContainers.Services.Identity.API.Models.AccountViewModels;
 using Microsoft.eShopOnContainers.Services.Identity.API.Services;
 using Microsoft.Extensions.Logging;
-using System;
-using System.Linq;
-using System.Security.Claims;
-using System.Text.Encodings.Web;
-using System.Threading.Tasks;

 namespace Microsoft.eShopOnContainers.Services.Identity.API.Controllers
 {
@ -92,7 +92,7 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Controllers
                    };

                    await _loginService.SignIn(user);
-                   
+
                    // make sure the returnUrl is still valid, and if yes - redirect back to authorize endpoint
                    if (_interaction.IsValidReturnUrl(model.ReturnUrl))
                    {
@ -113,7 +113,7 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Controllers
            return View(vm);
        }

-        async Task<LoginViewModel> BuildLoginViewModelAsync(string returnUrl, AuthorizationRequest context)
+        private async Task<LoginViewModel> BuildLoginViewModelAsync(string returnUrl, AuthorizationRequest context)
        {
            var allowLocal = true;
            if (context?.ClientId != null)
@ -132,7 +132,7 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Controllers
            };
        }

-        async Task<LoginViewModel> BuildLoginViewModelAsync(LoginViewModel model)
+        private async Task<LoginViewModel> BuildLoginViewModelAsync(LoginViewModel model)
        {
            var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl);
            var vm = await BuildLoginViewModelAsync(model.ReturnUrl, context);
@ -193,7 +193,7 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Controllers

                try
                {
-                    
+
                    // hack: try/catch to handle social providers that throw
                    await HttpContext.SignOutAsync(idp, new AuthenticationProperties
                    {
@ -209,6 +209,8 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Controllers
            // delete authentication cookie
            await HttpContext.SignOutAsync();

+            await HttpContext.SignOutAsync(IdentityConstants.ApplicationScheme);
+
            // set this so UI rendering sees an anonymous user
            HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity());