Reputation: 657
I've created my identity server from the IdentityServer4.Quickstart.UI library. I'm currently using IdentityServer4 version 4.1.2. I also have a React SPA application which uses the axa-fr/react-oidc package to handle things between the identity server and the React app.
A couple of days ago, I noticed that when I click the logout button in my React app, which calls the logout function of the axa-fr/react-oidc library, it does show me a page which claims I logged out successfully. But when I open the main page of the React app again, I am logged in without authentication...
My IdentityServer config is as follows:
    new()
    {
        ClientId = "reactapp-local",
        ClientName = "App UI",
        AllowedGrantTypes = { GrantType.AuthorizationCode, GrantType.ResourceOwnerPassword },
        AllowedScopes = { "openid", "profile", "app" },
        ClientUri = "http://localhost:3000",
        RedirectUris = { "http://localhost:3000/authentication/callback" },
        PostLogoutRedirectUris = { "http://localhost:3000/authentication/signout-callback-oidc" }, // Add this
        AllowedCorsOrigins = { "http://localhost:3000" },
        RequirePkce = true,
        RequireClientSecret = false,
        AccessTokenLifetime = 2678400,
        UserSsoLifetime = 2678400,
        ClientSecrets = { new Secret("memoli".Sha256()) },
        AllowOfflineAccess = true,
        Description = "app",
        LogoUri = "https://somedomain.com:5022/img/products/logo-app.png",
        Properties = PropertiesService.GetAppProperties()
    },
axa-fr/react-oidc client configuration:

    const dev = {
      client_id: 'reactapp-local',
      redirect_uri: 'http://localhost:3000/authentication/callback',
      silent_redirect_uri: 'http://localhost:3000/authentication/silent-callback',
      scope: 'openid profile app',
      post_logout_redirect_uri: 'http://localhost:3000/authentication/signout-callback-oidc', // Ensure this matches IdentityServer
      authority: 'http://localhost:34801',
      refresh_time_before_tokens_expiration_in_second: 40,
      service_worker_relative_url: '/OidcServiceWorker.js',
      service_worker_only: false,
      token_renew_mode: TokenRenewMode.access_token_invalid,
      demonstrating_proof_of_possession: false,
      client_secret: 'safafasasf+afasfasfafasf/pe/Unols=',
    };
In the Output tab of Visual Studio, I see the following logs:

    info: IdentityServer4.Hosting.IdentityServerMiddleware[0]
          Invoking IdentityServer endpoint: IdentityServer4.Endpoints.EndSessionCallbackEndpoint for /connect/endsession/callback
    info: IdentityServer4.Endpoints.EndSessionCallbackEndpoint[0]
          Successful signout callback.

I've done extensive research but am unable to find what causes this problem :/ Any help would be greatly appreciated.
Upvotes: 0
Views: 48
Reputation: 657
I am answering my own question for people who may face the same issue in the future. It is not related to the IdentityServer4 configuration or the axa-fr/react-oidc library.
The error was caused by calling app.UseIdentityServer() in the wrong order. I can't tell why this happens, but if you call anything before app.UseIdentityServer() it causes this kind of weird problem.

    var app = builder.Build();
    app.UseIdentityServer(); // Call this first.
    app.UseStaticFiles();
Upvotes: 1
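A way to confirm that logout really ended the IdentityServer session, as an added example that is not part of the original posts: send an authorize request with `prompt=none` after logging out and check that the answer is `error=login_required` rather than an authorization code. The client values come from the question; the function names, the state/nonce values and the callback URLs are constructed for illustration, and the PKCE challenge is the sample value from RFC 7636 Appendix B.

```javascript
// Values taken from the question's client configuration.
const client = {
  authority: 'http://localhost:34801',
  client_id: 'reactapp-local',
  redirect_uri: 'http://localhost:3000/authentication/callback', // registered in RedirectUris
  scope: 'openid profile app',
};

// Build an authorize request that forbids any login UI (prompt=none).
// If the IdentityServer session cookie is really gone, the server must
// answer with error=login_required instead of an authorization code.
function buildSessionProbeUrl(cfg, { state, nonce, codeChallenge }) {
  const url = new URL('/connect/authorize', cfg.authority);
  url.search = new URLSearchParams({
    client_id: cfg.client_id,
    redirect_uri: cfg.redirect_uri,
    response_type: 'code',
    scope: cfg.scope,
    prompt: 'none',
    state,
    nonce,
    code_challenge: codeChallenge, // needed because the client has RequirePkce=true
    code_challenge_method: 'S256',
  }).toString();
  return url.toString();
}

// Classify the redirect the browser lands on after the probe.
function interpretProbeCallback(callbackUrl, expectedState) {
  const params = new URL(callbackUrl).searchParams;
  if (params.get('state') !== expectedState) return 'inconclusive'; // not our probe
  if (params.has('code')) return 'session-still-active'; // logout did not end the SSO session
  if (params.get('error') === 'login_required') return 'session-ended';
  return 'inconclusive'; // e.g. consent_required or invalid_request
}

// Constructed sample values (hypothetical state/nonce, RFC 7636 sample challenge).
const probe = { state: 'probe-1', nonce: 'n-1',
  codeChallenge: 'E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw_cM' };
// Constructed callback URLs representing the two outcomes.
const afterBrokenLogout = client.redirect_uri + '?code=SAMPLECODE&state=probe-1';
const afterWorkingLogout = client.redirect_uri + '?error=login_required&state=probe-1';

console.log(buildSessionProbeUrl(client, probe));
console.log(interpretProbeCallback(afterBrokenLogout, 'probe-1'));
console.log(interpretProbeCallback(afterWorkingLogout, 'probe-1'));
```

With the symptom described in the question, the probe would come back with a `code`; after the fix it should come back with `login_required`.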