.Net-Core退出Oauth

问题描述 投票:0回答:1

我创建了一个使用OAuth登录Coinbase的应用程序。我的启动配置如下:

services.AddAuthentication(options =>
{
    options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = COINBASE_AUTH_ID;
})
.AddCookie()
.AddOAuth(COINBASE_AUTH_ID, options =>
{
    options.ClientId = Configuration["Coinbase:ClientId"];
    options.ClientSecret = Configuration["Coinbase:ClientSecret"];
    options.CallbackPath = new PathString("/signin-coinbase");

    options.AuthorizationEndpoint = "https://www.coinbase.com/oauth/authorize?meta[send_limit_amount]=1";
    options.TokenEndpoint = "https://api.coinbase.com/oauth/token";
    options.UserInformationEndpoint = "https://api.coinbase.com/v2/user";

    COINBASE_SCOPES.ForEach(scope => options.Scope.Add(scope));

    options.SaveTokens = true;

    options.ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "id");
    options.ClaimActions.MapJsonKey(ClaimTypes.Name, "name");
    options.ClaimActions.MapJsonKey("urn:coinbase:avatar", "avatar_url");

    options.Events = new OAuthEvents
    {
        OnCreatingTicket = async context =>
        {
            var request = new HttpRequestMessage(HttpMethod.Get, context.Options.UserInformationEndpoint);
            request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
            request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", context.AccessToken);
            request.Headers.Add("CB-VERSION", DateTime.Now.ToShortDateString());
            var response = await context.Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, context.HttpContext.RequestAborted);
            response.EnsureSuccessStatusCode();

            var user = JObject.Parse(await response.Content.ReadAsStringAsync());

            context.RunClaimActions(user);
        }
    };
});

当用户登录时,我返回一个质询结果,并让默认身份验证执行它。

[HttpGet]
public IActionResult Login(string returnUrl = "/")
{
    return Challenge(new AuthenticationProperties() { RedirectUri = returnUrl });
}

我正在试图弄清楚如何注销,但当我在基础控制器上调用Signout时,没有任何事情发生。

[HttpGet]
public IActionResult Logout()
{
    this.SignOut();
    return Redirect(Url.Content("~/"));
}

我怎样才能退出oauth?

c# oauth .net-core
1个回答
0
投票

现在,这可能是一种更优雅的方式。我发现我可以在HTTPContext上调用SignOut方法

public async Task<IActionResult> Logout()
{
    await HttpContext.SignOutAsync();
    return Redirect(Url.Content("~/"));
}
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.