I have integrated the CAS protocol authentication in my solution, using the GSS.Authentication.CAS library. I created an Account controller and a Login API and the authentication works fine.
Now I would like to manage the logout from my APIs and from CAS, but if I do something like the following nothing happens.
In the Account controller I have:
[AllowAnonymous]
[Route("Logout")]
[HttpGet()]
public IActionResult Logout()
{
return SignOut(CookieAuthenticationDefaults.AuthenticationScheme);
}
In program.cs I have standard code like:
.AddCookie(options =>
{
options.Events.OnSigningOut = context =>
{
Log.Information($"OnSigningOut called");
var redirectContext = new RedirectContext<CookieAuthenticationOptions>(
context.HttpContext,
context.Scheme,
context.Options,
context.Properties,
"/"
);
if (builder.Configuration.GetValue("Authentication:CAS:SingleSignOut", false))
{
Log.Information($"Executing SingleSignOut");
// Single Sign-Out
var casUrl = new Uri(builder.Configuration["Authentication:CAS:ServerUrlBase"]);
var links = context.HttpContext.RequestServices.GetRequiredService<LinkGenerator>();
var serviceUrl = context.Properties.RedirectUri ?? links.GetUriByPage(context.HttpContext, "/Index");
redirectContext.RedirectUri = UriHelper.BuildAbsolute(
casUrl.Scheme,
new HostString(casUrl.Host, casUrl.Port),
casUrl.LocalPath, "/logout",
QueryString.Create("service", serviceUrl!));
}
context.Options.Events.RedirectToLogout(redirectContext);
return Task.CompletedTask;
};
})
I was expecting to see the OnSigningOut event triggered, but this does not happen.
Do you have any idea where I'm wrong?
Thank you