Open vitalybrandes opened 1 year ago
in LogoutDeny() - Line 385
need to be changed to
await HttpContext.SignOutAsync();
// If no post_logout_redirect_uri was specified, redirect the user agent
// to the root page, that should correspond to the home page in most cases.
if (string.IsNullOrEmpty(request.PostLogoutRedirectUri))
{
return Redirect("~/");
}
same behavior as in the LogoutAccept()
@vitalybrandes can you submit a PR for it
I've encountered this issue and would like to address it. One question, though: Is the OIDC server allowed to add a query parameter to the redirect URI to inform the relying party about the cancellation?
If we want to make that configurable, the URI will need to be server-controlled (we can't use post_logout_redirect_uri
for that).
@gvkries are you still interested in fixing that?
Once you are trying to logout from SPA with template of Are you sure you want to log out?. If you click no, you are redirected to server URL home page instead of spa. In my case, server and UI running in different containers.
Expected behavior
If using openid redirect to app redirect url.