Update the Contruum sample to enable the logout endpoint and update R…
…EADME.md to include a link to an OIDC session management sample
GREsau authored Jun 29, 2024
1 parent 859fc6e commit d46ccb9
Showing 5 changed files with 63 additions and 4 deletions.
2 changes: 2 additions & 0 deletions README.md
Expand Up @@ -32,6 +32,8 @@ This repository contains samples demonstrating **how to use [OpenIddict](https:/
- **[Angular and Blazor samples](https://github.com/damienbod/AspNetCoreOpeniddict)** by [Damien Bowden](https://github.com/damienbod)

- **[Experimental MAUI (WinUI-only) sample](https://github.com/kevinchalet/openiddict-core/tree/maui_winui_sample/sandbox/OpenIddict.Sandbox.Maui.Client)** by [Kévin Chalet](https://github.com/kevinchalet)

- **[OIDC Session Management sample](https://github.com/GREsau/openiddict-session-management-sample)** by [Graham Esau](https://github.com/GREsau)

## Certification

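--- a/samples/Contruum/Contruum.Server/Pages/Connect/EndSession.cshtml
+++ b/samples/Contruum/Contruum.Server/Pages/Connect/EndSession.cshtml
@@ -0,0 +1,19 @@
+@page
+@model Contruum.Server.Pages.Connect.EndSessionModel
+@using Microsoft.Extensions.Primitives
+
+<div class="jumbotron">
+<h1>Log out</h1>
+<p class="lead text-left">Are you sure you want to sign out?</p>
+
+<form asp-antiforgery="true" method="post">
+@* Flow the request parameters so they can be received by the LogoutPost action: *@
+@foreach (var parameter in Request.HasFormContentType ?
+(IEnumerable<KeyValuePair<string, StringValues>>)Request.Form : Request.Query)
+{
+<input type="hidden" name="@parameter.Key" value="@parameter.Value" />
+}
+
+<input class="btn btn-lg btn-success" name="Confirm" type="submit" value="Yes" />
+</form>
+</div>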
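Review bot: The Razor comment above the `foreach` says the parameters are flowed to "the LogoutPost action", but this is a Razor Page and the POST is handled by `OnPostAsync` in `EndSessionModel`, so the comment points at a name that does not exist in this commit. I would reword it to `@* Flow the request parameters so they are posted back to the OnPostAsync handler: *@`. The same comment is a good place to state that the echoed keys and values come straight from the request and depend on Razor's default attribute encoding, so they must never be emitted through `Html.Raw`. Note also that `@parameter.Value` is a `StringValues`, so a parameter repeated in the query would be written as one comma-joined value rather than as separate fields.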
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.RazorPages;
using OpenIddict.Server.AspNetCore;

namespace Contruum.Server.Pages.Connect;

public class EndSessionModel : PageModel
{
public IActionResult OnGet()
{
return Page();
}

public async Task<IActionResult> OnPostAsync()
{
await HttpContext.SignOutAsync();

// Returning a SignOutResult will ask OpenIddict to redirect the user agent
// to the post_logout_redirect_uri specified by the client application or to
// the RedirectUri specified in the authentication properties if none was set.
return SignOut(
authenticationSchemes: OpenIddictServerAspNetCoreDefaults.AuthenticationScheme,
properties: new AuthenticationProperties
{
RedirectUri = "/"
});
}
}
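Review bot: Nothing in `EndSessionModel` records that `OnPostAsync` depends on the antiforgery validation Razor Pages apply to POST handlers by default, yet that check and the confirmation form are what stop a cross-site request from signing the user out. A short XML doc on the handler would make the dependency explicit, for example `/// Signs the user out locally, then lets OpenIddict redirect; relies on the default Razor Pages antiforgery validation.`, so the handler is not later marked `[IgnoreAntiforgeryToken]` or ported to a controller without `[ValidateAntiForgeryToken]`. Separately, `HttpContext.SignOutAsync()` is called without a scheme, so which session is cleared depends on the default sign-out scheme configured outside this diff. Naming the scheme explicitly would remove that hidden dependency, assuming the sample uses a single cookie scheme.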
9 changes: 6 additions & 3 deletions samples/Contruum/Contruum.Server/Startup.cs
Expand Up @@ -69,11 +69,13 @@ public void ConfigureServices(IServiceCollection services)
options.SetAuthorizationEndpointUris(Configuration["OpenIddict:Endpoints:Authorization"]!)
.SetTokenEndpointUris(Configuration["OpenIddict:Endpoints:Token"]!)
.SetIntrospectionEndpointUris(Configuration["OpenIddict:Endpoints:Introspection"]!)
.SetUserinfoEndpointUris(Configuration["OpenIddict:Endpoints:Userinfo"]!);
.SetUserinfoEndpointUris(Configuration["OpenIddict:Endpoints:Userinfo"]!)
.SetLogoutEndpointUris(Configuration["OpenIddict:Endpoints:Logout"]!);

// Enable the authorization code, implicit and the refresh token flows.
// Enable the authorization code, implicit, hybrid and the refresh token flows.
options.AllowAuthorizationCodeFlow()
.AllowImplicitFlow()
.AllowHybridFlow()
.AllowRefreshTokenFlow();

// Expose all the supported claims in the discovery document.
Expand All @@ -93,7 +95,8 @@ public void ConfigureServices(IServiceCollection services)
// so that token requests are automatically handled by OpenIddict.
options.UseAspNetCore()
.EnableAuthorizationEndpointPassthrough()
.EnableAuthorizationRequestCaching();
.EnableAuthorizationRequestCaching()
.EnableLogoutEndpointPassthrough();

// Register the event handler responsible for populating userinfo responses.
options.AddEventHandler<HandleUserinfoRequestContext>(options =>
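Review bot: `.AllowHybridFlow()` is enabled in the first hunk next to the logout endpoint, although the commit title mentions only the logout endpoint and the README link. The hybrid flow returns tokens through the front channel, so the widened surface deserves a reason beyond the updated one-line summary comment, for example `// Hybrid flow is enabled for the certification test clients; prefer the authorization code flow elsewhere.` That reason is my inference from the `oidc_certification_app_*` clients in appsettings.json and should be confirmed by the author. ConfigureServices starts and ends outside both hunks, so any per-client restriction of the flow is not visible here.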
7 changes: 6 additions & 1 deletion samples/Contruum/Contruum.Server/appsettings.json
Expand Up @@ -39,10 +39,12 @@
"ClientId": "oidc_certification_app_1",
"ClientSecret": "secret_secret_secret",
"RedirectUris": [ "https://www.certification.openid.net/test/a/d6e0d2a6-003e-4721-8b67-a24380468aa8/callback" ],
"PostLogoutRedirectUris": [ "https://www.certification.openid.net/test/a/d6e0d2a6-003e-4721-8b67-a24380468aa8/post_logout_redirect" ],
"Type": "confidential",
"Permissions": [
"ept:authorization",
"ept:token",
"ept:logout",
"gt:authorization_code",
"gt:implicit",
"gt:refresh_token",
Expand All @@ -64,10 +66,12 @@
"ClientId": "oidc_certification_app_2",
"ClientSecret": "secret_secret_secret",
"RedirectUris": [ "https://www.certification.openid.net/test/a/d6e0d2a6-003e-4721-8b67-a24380468aa8/callback" ],
"PostLogoutRedirectUris": [ "https://www.certification.openid.net/test/a/d6e0d2a6-003e-4721-8b67-a24380468aa8/post_logout_redirect" ],
"Type": "confidential",
"Permissions": [
"ept:authorization",
"ept:token",
"ept:logout",
"gt:authorization_code",
"gt:implicit",
"gt:refresh_token",
Expand All @@ -90,7 +94,8 @@
"Authorization": "connect/authorize",
"Introspection": "connect/introspect",
"Token": "connect/token",
"Userinfo": "connect/userinfo"
"Userinfo": "connect/userinfo",
"Logout": "connect/endsession"
},

"Scopes": [