[BUG] After explicit logout, hit on login, then it is automatically recognized instead of showing the login page #626

https://github.com/dotnet-architecture/eShopOnContainers/issues/626
Erik Pique 2018-10-10 10:55:00 +02:00
parent bb8dd63e69
commit 641b732224


@ -1,4 +1,9 @@
using IdentityModel; using System;
using System.Linq;
using System.Security.Claims;
using System.Text.Encodings.Web;
using System.Threading.Tasks;
using IdentityModel;
using IdentityServer4; using IdentityServer4;
using IdentityServer4.Models; using IdentityServer4.Models;
using IdentityServer4.Services; using IdentityServer4.Services;
@ -11,11 +16,6 @@ using Microsoft.eShopOnContainers.Services.Identity.API.Models;
using Microsoft.eShopOnContainers.Services.Identity.API.Models.AccountViewModels; using Microsoft.eShopOnContainers.Services.Identity.API.Models.AccountViewModels;
using Microsoft.eShopOnContainers.Services.Identity.API.Services; using Microsoft.eShopOnContainers.Services.Identity.API.Services;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
using System;
using System.Linq;
using System.Security.Claims;
using System.Text.Encodings.Web;
using System.Threading.Tasks;
namespace Microsoft.eShopOnContainers.Services.Identity.API.Controllers namespace Microsoft.eShopOnContainers.Services.Identity.API.Controllers
{ {
@ -92,7 +92,7 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Controllers
}; };
await _loginService.SignIn(user); await _loginService.SignIn(user);
// make sure the returnUrl is still valid, and if yes - redirect back to authorize endpoint // make sure the returnUrl is still valid, and if yes - redirect back to authorize endpoint
if (_interaction.IsValidReturnUrl(model.ReturnUrl)) if (_interaction.IsValidReturnUrl(model.ReturnUrl))
{ {
@ -113,7 +113,7 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Controllers
return View(vm); return View(vm);
} }
async Task<LoginViewModel> BuildLoginViewModelAsync(string returnUrl, AuthorizationRequest context) private async Task<LoginViewModel> BuildLoginViewModelAsync(string returnUrl, AuthorizationRequest context)
{ {
var allowLocal = true; var allowLocal = true;
if (context?.ClientId != null) if (context?.ClientId != null)
@ -132,7 +132,7 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Controllers
}; };
} }
async Task<LoginViewModel> BuildLoginViewModelAsync(LoginViewModel model) private async Task<LoginViewModel> BuildLoginViewModelAsync(LoginViewModel model)
{ {
var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl); var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl);
var vm = await BuildLoginViewModelAsync(model.ReturnUrl, context); var vm = await BuildLoginViewModelAsync(model.ReturnUrl, context);
@ -193,7 +193,7 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Controllers
try try
{ {
// hack: try/catch to handle social providers that throw // hack: try/catch to handle social providers that throw
await HttpContext.SignOutAsync(idp, new AuthenticationProperties await HttpContext.SignOutAsync(idp, new AuthenticationProperties
{ {
@ -209,6 +209,8 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Controllers
// delete authentication cookie // delete authentication cookie
await HttpContext.SignOutAsync(); await HttpContext.SignOutAsync();
await HttpContext.SignOutAsync(IdentityConstants.ApplicationScheme);
// set this so UI rendering sees an anonymous user // set this so UI rendering sees an anonymous user
HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity()); HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity());
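Review bot: The added `await HttpContext.SignOutAsync(IdentityConstants.ApplicationScheme);` clears only the ASP.NET Identity application cookie, so an external-login or two-factor cookie issued by Identity would survive an explicit logout. `SignInManager.SignOutAsync()` clears the application, external and two-factor schemes together and may be the better call here, if a sign-in manager is reachable from this controller (not visible in the hunk). Sign-in goes through `_loginService.SignIn(user)` earlier in the file, so putting the matching sign-out behind the same service would keep the two paths symmetric and testable. The two back-to-back sign-out calls also need a comment saying why both are required, e.g. `// default scheme cookie first, then the ASP.NET Identity application cookie, which otherwise keeps the user signed in (#626)`. The enclosing logout action starts and ends outside the hunk.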