Users Example (Sign Out)

[markadrake]

@jbreuer, thank you for sharing this code; it has been most helpful.

If you have time, I'm wondering how I might repurpose your code (OnRedirectToIdentityProviderForSignOut) for backoffice users. I have an OpenIdConnect properly configured for sign-in, auto-linking, etc. The last piece of the puzzle is how to trigger this code upon signing out of the backoffice.

I appreciate your help,

[markadrake]

I've since found the UserLogoutSuccessNotification for Umbraco Backoffice Users.

https://our.umbraco.com/documentation/Reference/Security/BackOfficeUserManager-and-Notifications/#notifications

For a proper sign out, my OpenIDConnect provider requires the token. I'm unsure how to get the token for the previously signed-in user. The ID of the previously signed-in user can be found using notication.AffectedUserId.

I'll continue to update this thread as I learn more.

[markadrake]

I've written a notification handler that is getting the job done!

    internal class OktaBackOfficeLogout : INotificationHandler<UserLogoutSuccessNotification>
    {
        private readonly IConfiguration _config;
        private readonly IExternalLoginService _externalLoginService;

        public OktaBackOfficeLogout(IConfiguration config, IExternalLoginService externalLoginService)
        {
            _config = config;
            _externalLoginService = externalLoginService;
        }

        public void Handle(UserLogoutSuccessNotification notification)
        {
            var userId = notification.AffectedUserId;
            var token = _externalLoginService.GetExternalLoginTokens(Int32.Parse(userId)).Where(t => t.Name.Equals("id_token")).FirstOrDefault();

            notification.SignOutRedirectUrl = "https://*******.oktapreview.com/oauth2/default/v1/logout"
                + $"?id_token_hint={token.Value}"
                + $"&post_logout_redirect_uri=https://localhost:44372/umbraco";
        }
    }