New: Implement Logout Handling (coscine/issues#629)

src/STS/Controllers/AccountController.cs

@@ -4,6 +4,7 @@ using System.Threading.Tasks;
 using Coscine.STS.Utils;
 using Coscine.STS.Data;
 using Microsoft.AspNetCore.Identity;
+using System;
 
 namespace Coscine.STS.Controllers
 {
@@ -21,6 +22,9 @@ namespace Coscine.STS.Controllers
         {
             ViewBag.ReturnUrl = UrlGenerator.ExtendReturnUrl(returnUrl, Request);
             ViewBag.ORCiDUrl = ORCiDHandler.GetORCiDOAuthUrl() + UrlGenerator.ORCiDRedirectUrl();
+            ViewBag.IdpUrl = new Uri(
+                    Program.Configuration.GetStringAndWait("coscine/global/shibboleth/metadata")
+                ).GetLeftPart(System.UriPartial.Authority);
             System.Text.ASCIIEncoding enc = new System.Text.ASCIIEncoding();
             ViewBag.AppJs = enc.GetString(Program.Configuration.GetAndWait("coscine/apps/login/appjs"));
             return View();
@@ -48,5 +52,27 @@ namespace Coscine.STS.Controllers
             ModelState.AddModelError("", "The userid provided is incorrect.");
             return View(model);
         }
+        
+        [Route("[controller]/logout")]
+        public async Task<ActionResult> Logout()
+        {
+            var externalLoginInfo = await _signInManager.GetExternalLoginInfoAsync();
+            var loggedInWithShibboleth = (externalLoginInfo != null && externalLoginInfo.LoginProvider == "Saml2");
+
+            await _signInManager.SignOutAsync();
+
+            foreach (var cookie in Request.Cookies.Keys)
+            {
+                Response.Cookies.Delete(cookie);
+            }
+
+            ViewBag.LoginUrl = UrlGenerator.GetLoginUrl(Request) + "&logout=true";
+            if (loggedInWithShibboleth)
+            {
+                ViewBag.LoginUrl += "&loggedInWithShibboleth=true";
+            }
+
+            return View();
+        }
     }
 }

src/STS/Controllers/ORCiDController.cs

@@ -8,8 +8,6 @@ using Coscine.ApiCommons.Models;
 using System.Linq;
 using Coscine.STS.Data;
 using Microsoft.AspNetCore.Identity;
-using System.DirectoryServices;
-using System.DirectoryServices.AccountManagement;
 
 #region DupFinder Exclusion
 namespace Coscine.STS.Controllers

src/STS/STS.csproj

@@ -9,8 +9,8 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Coscine.ApiCommons" Version="1.3.1" />
-    <PackageReference Include="Coscine.Database" Version="1.12.1" />
+    <PackageReference Include="Coscine.ApiCommons" Version="1.5.0" />
+    <PackageReference Include="Coscine.Database" Version="1.15.1" />
     <PackageReference Include="Microsoft.AspNetCore" Version="2.2.0" />
     <PackageReference Include="Microsoft.AspNetCore.Authentication" Version="2.2.0" />
     <PackageReference Include="Microsoft.AspNetCore.Authentication.Abstractions" Version="2.2.0" />

src/STS/Views/Account/Login.cshtml

@@ -12,7 +12,7 @@
     <link rel="icon" href="/_layouts/15/images/PIT.Labs.SharePoint15.MasterPages/Favicon.png"/>
 </head>
 <body class="fullwidth">
-    <div id="loginpage" returnUrl="@ViewBag.ReturnUrl" orcidUrl="@ViewBag.ORCiDUrl"></div>
+    <div id="loginpage" returnUrl="@ViewBag.ReturnUrl" orcidUrl="@ViewBag.ORCiDUrl" idpUrl="@ViewBag.IdpUrl"></div>
     <script src="@ViewBag.AppJs"></script>
     <!--[if lt IE 9]>
       <button data-v-e64af82c="" id="orcidbutton" name="getORCiDForm" class="btn btn-primary w-100"><span data-v-e64af82c=""><img data-v-e64af82c="" alt="ORCID logo" id="orcid-id-logo" src="https://orcid.org/sites/default/files/images/orcid_24x24.png" width="25" height="25"></span><span data-v-e64af82c="">  Sign in with ORCID ID</span></button>

src/STS/Views/Account/Logout.cshtml

+@{
+    Layout = null;
+}
+
+<!DOCTYPE html>
+<html>
+<head>
+    <title>Logout</title>
+    <link rel="icon" href="/_layouts/15/images/PIT.Labs.SharePoint15.MasterPages/Favicon.png"/>
+    <script type="text/javascript">
+        localStorage.clear();
+        sessionStorage.clear();
+        window.location.href = "@Html.Raw(ViewBag.LoginUrl)";
+    </script>
+</head>
+<body>
+</body>
+</html>