Use HttpPost to log out of OWIN / Katana authentication system

Question

Use HttpPost to log out of OWIN / Katana authentication system

Is there a way to get Katana Authentication Manager to invoke the exit point of IdentityServer3 using HttpPost instead of the HttpGet method?

I am currently using this method to call the endession endpoint from IdentityServer3 (according to this ):

public ActionResult Logout()
{
    // standard way with HTTP GET
    Request.GetOwinContext().Authentication.SignOut();

    return Redirect("/");
}

I need this because the URL will contain more than 2000 characters and this will lead to some errors.

thanks for reference

+4

c # asp.net-mvc owin katana identityserver3

Specialias Dec 18 '15 at 6:36

source share

1 answer

SpecialHias · Accepted Answer · 2015-12-29T12:43:51+0000

, OWIN HttpPost.

MVC5, :

@{
    Claim idTokenHintClaim = Request.GetOwinContext().Authentication.User.FindFirst("id_token");
    string idTokenHint = idTokenHintClaim != null
        ? idTokenHintClaim.Value
        : null;
}
<form action="https://.../core/endsession" method="POST" id="logoutForm">
    <input type="hidden" name="id_token_hint" value="@idTokenHint"/>
    <input type="hidden" name="post_logout_redirect_uri" value="@PostLogoutRedirectUrl"/>
</form>
<a href="javascript:document.getElementById('logoutForm').submit()">
    Logout
</a>

IdentityServer3 . IdentityServer3 @PostLogoutRedirectUrl. @PostLogoutRedirectUrl MVC:

public ActionResult LogoutCallback()
{
    HttpCookie cookie = new HttpCookie("SecureCookieName");
    cookie.HttpOnly = true;
    cookie.Expires = new DateTime(1999, 10, 12);
    Response.Cookies.Remove("SecureCookieName");
    Response.Cookies.Add(cookie);

    SetPasswordResetHint();

    return RedirectToAction("Index");
}

, HttpPost OWIN .

Use HttpPost to log out of OWIN / Katana authentication system

More articles: