diff --git a/samples/Mvc.Client/Controllers/HomeController.cs b/samples/Mvc.Client/Controllers/HomeController.cs index f5d8a4e3..9bc078db 100644 --- a/samples/Mvc.Client/Controllers/HomeController.cs +++ b/samples/Mvc.Client/Controllers/HomeController.cs @@ -3,6 +3,7 @@ using System.Net.Http; using System.Net.Http.Headers; using System.Threading; using System.Threading.Tasks; +using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; @@ -16,8 +17,14 @@ namespace Mvc.Client.Controllers { [Authorize, HttpPost("~/")] public async Task Index(CancellationToken cancellationToken) { using (var client = new HttpClient()) { + var token = await HttpContext.Authentication.GetTokenAsync("access_token"); + if (string.IsNullOrEmpty(token)) { + throw new InvalidOperationException("The access token cannot be found in the authentication ticket. " + + "Make sure that SaveTokens is set to true in the OIDC options."); + } + var request = new HttpRequestMessage(HttpMethod.Get, "http://localhost:54540/api/message"); - request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", AccessToken); + request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token); var response = await client.SendAsync(request, cancellationToken); response.EnsureSuccessStatusCode(); @@ -25,16 +32,5 @@ namespace Mvc.Client.Controllers { return View("Home", model: await response.Content.ReadAsStringAsync()); } } - - protected string AccessToken { - get { - var claim = HttpContext.User?.FindFirst("access_token"); - if (claim == null) { - throw new InvalidOperationException(); - } - - return claim.Value; - } - } } } \ No newline at end of file diff --git a/samples/Mvc.Client/Startup.cs b/samples/Mvc.Client/Startup.cs index 5d9a0614..b22bba7f 100644 --- a/samples/Mvc.Client/Startup.cs +++ b/samples/Mvc.Client/Startup.cs 
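Review bot: In the Index hunk of HomeController.cs, a missing token is answered with an `InvalidOperationException`, so a user whose cookie was issued before `SaveTokens` was enabled (or whose ticket simply lacks the token) gets an unhandled 500 instead of being re-authenticated. Assuming the action returns an action result, `return Challenge();` in that branch would restart the sign-in and produce a ticket that carries the token, and the descriptive message could be logged instead of thrown. The lookup also sits inside the `using (var client = new HttpClient())` block, so it could move above it to avoid creating a client that is never used. Since the token is attached to a request for an `http://` URL (an unchanged context line), a comment such as `// Sample only: send bearer tokens over HTTPS outside local development.` would help readers who copy this code. The method body continues outside the hunk.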
@@ -62,7 +62,7 @@ namespace Mvc.Client { RequireHttpsMetadata = false, GetClaimsFromUserInfoEndpoint = true, - SaveTokensAsClaims = true, + SaveTokens = true, // Use the authorization code flow. ResponseType = OpenIdConnectResponseTypes.Code, diff --git a/src/OpenIddict.Mvc/OpenIddictController.cs b/src/OpenIddict.Mvc/OpenIddictController.cs index b01d2d6d..fc12cfb2 100644 --- a/src/OpenIddict.Mvc/OpenIddictController.cs +++ b/src/OpenIddict.Mvc/OpenIddictController.cs @@ -16,6 +16,7 @@ using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Http.Authentication; +using Microsoft.AspNetCore.Identity; using Microsoft.AspNetCore.Mvc; using Microsoft.IdentityModel.Protocols.OpenIdConnect; @@ -199,11 +200,11 @@ namespace OpenIddict.Mvc { } [HttpPost, ValidateAntiForgeryToken] - public virtual async Task Logout(CancellationToken cancellationToken) { + public virtual async Task Logout([FromServices] SignInManager manager, CancellationToken cancellationToken) { // Instruct the cookies middleware to delete the local cookie created // when the user agent is redirected from the external identity provider // after a successful authentication flow (e.g Google or Facebook). - await HttpContext.Authentication.SignOutAsync("Microsoft.AspNetCore.Identity.Application"); + await manager.SignOutAsync(); // Redirect the user agent to the post_logout_redirect_uri specified by the client application. await HttpContext.Authentication.SignOutAsync(Options.AuthenticationScheme);
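Review bot: The comment kept above `await manager.SignOutAsync();` in the Logout hunk of OpenIddictController.cs still describes deleting one local cookie, while `SignInManager.SignOutAsync()` clears the Identity application cookie together with the external and two-factor cookies. Something like `// Sign the user out of ASP.NET Core Identity (application, external and two-factor cookies).` would match the new call. Adding the `[FromServices]` parameter to a `public virtual` action also changes the signature that derived controllers override, so existing overrides of `Logout(CancellationToken)` will stop compiling. That deserves a line in the release notes, or the manager could be resolved from `HttpContext.RequestServices` inside the body to keep the signature stable. The method may continue past the end of the hunk.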