IdentityServer4 - Redirect to MVC client after Logout

Sandeep picture Sandeep · Apr 6, 2017 · Viewed 15.8k times · Source

I am using IdenetityServer4 and Redirecting to MVC client after Logout is not working. Following is my MVC client controller Logout action:

public async Task Logout()
{
    await HttpContext.Authentication.SignOutAsync("Cookies");
    await HttpContext.Authentication.SignOutAsync("oidc");
}

Following is identity server 4 Host config file.

public static IEnumerable<Client> GetClients()
{
    return new List<Client>
    {
        // other clients omitted...

        // OpenID Connect implicit flow client (MVC)
        new Client
        {
            ClientId = "mvc",
            ClientName = "MVC Client",
            AllowedGrantTypes = GrantTypes.Implicit,

            // where to redirect to after login
            RedirectUris = { "http://localhost:58422/signin-oidc" },

            // where to redirect to after logout
            PostLogoutRedirectUris = { "http://localhost:58422/signout-callback-oidc" },

            AllowedScopes = new List<string>
            {
                IdentityServerConstants.StandardScopes.OpenId,
                IdentityServerConstants.StandardScopes.Profile
            }
        }
    };
} 

I want user to be redirect back to MVC client after getting Logged out from IdentityServer. Right now user has to click link show in below image to redirected back to MVC site but i think user should be automatically redirected back to MVC client.

enter image description here

Answer

heyAkhilesh picture heyAkhilesh · Apr 11, 2017

There is no problem in your Config.cs or in the MVC controller.

Go to your IdentityServer4 Application then inside AccountController's Logout [HttpPost] method, do the following changes:

public async Task<IActionResult> Logout(LogoutViewModel model)
{
   ...    
  //return View("LoggedOut", vm);
  return Redirect(vm.PostLogoutRedirectUri);
}

This will redirect the user back to MVC application (in your case).

There is a better way to do this: You can set these options from AccountOptions.cs as follows:

public static bool ShowLogoutPrompt = false;
public static bool AutomaticRedirectAfterSignOut = true;