From 0254816657dbcb8f7ffec3f0816dc87e04cff22a Mon Sep 17 00:00:00 2001 From: Muhammad Azeez Date: Mon, 18 Jan 2021 22:12:13 +0300 Subject: [PATCH 1/3] redirect back to the client after logout :D --- CSharp/AuthorizationServer/AuthorizationServer.csproj | 4 ++-- CSharp/AuthorizationServer/Config.cs | 9 ++++----- .../Quickstart/Account/AccountController.cs | 9 ++++++++- README.md | 2 +- React/real-estate/src/pages/components/Navbar.js | 4 ++-- React/real-estate/src/services/userService.js | 10 +++++++--- React/traffic-police/src/pages/components/Navbar.js | 4 ++-- React/traffic-police/src/services/userService.js | 10 +++++++--- 8 files changed, 33 insertions(+), 19 deletions(-) diff --git a/CSharp/AuthorizationServer/AuthorizationServer.csproj b/CSharp/AuthorizationServer/AuthorizationServer.csproj index 0cbdc02..1ec2ef8 100644 --- a/CSharp/AuthorizationServer/AuthorizationServer.csproj +++ b/CSharp/AuthorizationServer/AuthorizationServer.csproj @@ -1,7 +1,7 @@ - net5.0 + netcoreapp3.1 @@ -11,7 +11,7 @@ - + diff --git a/CSharp/AuthorizationServer/Config.cs b/CSharp/AuthorizationServer/Config.cs index 704a0a7..1293e0a 100644 --- a/CSharp/AuthorizationServer/Config.cs +++ b/CSharp/AuthorizationServer/Config.cs @@ -82,9 +82,8 @@ namespace OidcSamples.AuthorizationServer RequirePkce = true, PostLogoutRedirectUris = { - "http://localhost:3000/signout-callback-oidc" + "http://localhost:3000" }, - RequireConsent = false, }, new Client @@ -113,9 +112,8 @@ namespace OidcSamples.AuthorizationServer RequirePkce = true, PostLogoutRedirectUris = { - "http://localhost:4000/signout-callback-oidc" + "http://localhost:4000" }, - RequireConsent = false, }, new Client @@ -148,7 +146,8 @@ namespace OidcSamples.AuthorizationServer { "http://localhost:7000/signout-callback-oidc" }, - + FrontChannelLogoutUri = "http://localhost:7000/signout-callback-oidc", + FrontChannelLogoutSessionRequired = true, RequireConsent = false, } }; 
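Review bot: Dropping `RequireConsent = false` from the localhost:3000 client (and from the localhost:4000 client in the next hunk) leaves consent behaviour to the library default. As far as I know that default differs between IdentityServer4 major versions (true before 4.0, false from 4.0), and the project file is changed in this same patch. If these first-party SPAs should never show a consent screen, keep the explicit `RequireConsent = false,` so the behaviour does not move with a package change. Both client definitions start outside their hunks.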
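Review bot: `FrontChannelLogoutUri` is set to `/signout-callback-oidc`, which in the ASP.NET Core OpenID Connect handler is by default the `SignedOutCallbackPath`, where the browser lands after logout. A front-channel sign-out request is handled on `RemoteSignOutPath`, which defaults to `/signout-oidc`. Assuming the localhost:7000 client uses the handler defaults (its setup is not in this patch), the line should read `FrontChannelLogoutUri = "http://localhost:7000/signout-oidc",`. With the current value the iframe request would most likely not clear that client's session cookie, leaving the user signed in there after logging out elsewhere.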
diff --git a/CSharp/AuthorizationServer/Quickstart/Account/AccountController.cs b/CSharp/AuthorizationServer/Quickstart/Account/AccountController.cs index 25e3a9e..1226ac4 100644 --- a/CSharp/AuthorizationServer/Quickstart/Account/AccountController.cs +++ b/CSharp/AuthorizationServer/Quickstart/Account/AccountController.cs @@ -241,7 +241,14 @@ namespace IdentityServerHost.Quickstart.UI return SignOut(new AuthenticationProperties { RedirectUri = url }, vm.ExternalAuthenticationScheme); } - return View("LoggedOut", vm); + if (string.IsNullOrEmpty(vm.PostLogoutRedirectUri)) + { + return View("LoggedOut", vm); + } + else + { + return Redirect(vm.PostLogoutRedirectUri); + } } [HttpGet] diff --git a/README.md b/README.md index 793bb55..a68c70d 100644 --- a/README.md +++ b/README.md @@ -14,7 +14,7 @@ We are using IdentityServer 4 to implement our Authorization Server. You can fin **Dependencies:** -- [.NET 5 SDK](https://dotnet.microsoft.com/download/dotnet/5.0) +- [.NET Core 3.1 SDK](https://dotnet.microsoft.com/download/dotnet-core/3.1) (Because the latest version that IdentityServer4 supports is .NET Core 3.1) **How to run:** diff --git a/React/real-estate/src/pages/components/Navbar.js b/React/real-estate/src/pages/components/Navbar.js index e42af5d..6fcf7d8 100644 --- a/React/real-estate/src/pages/components/Navbar.js +++ b/React/real-estate/src/pages/components/Navbar.js @@ -14,8 +14,8 @@ const Navbar = () => { const user = useSelector((state) => state.auth.user); - function signOut() { - signoutRedirect(); + async function signOut() { + await signoutRedirect(); } return ( diff --git a/React/real-estate/src/services/userService.js b/React/real-estate/src/services/userService.js index a3156a7..21db0ab 100644 --- a/React/real-estate/src/services/userService.js +++ b/React/real-estate/src/services/userService.js 
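Review bot: Returning `Redirect(vm.PostLogoutRedirectUri)` directly from the logout action skips the `LoggedOut` view. In the stock IdentityServer4 quickstart that view renders the sign-out iframe (`vm.SignOutIframeUrl`) that notifies other clients, so the `FrontChannelLogoutUri` registered in Config.cs by this same patch would probably never be requested. The quickstart already has a switch for this, `AccountOptions.AutomaticRedirectAfterSignOut = true`, which keeps the view and redirects from it once the iframe has loaded; prefer that over the new `else` branch. The redirect target is only safe if `vm.PostLogoutRedirectUri` comes solely from the validated logout context. The view model is built outside this hunk, so confirm it is never filled from a request parameter.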
@@ -7,7 +7,7 @@ const config = { redirect_uri: "http://localhost:4000/signin-oidc", response_type: "code", scope: "openid profile real-estate-api", - post_logout_redirect_uri: "http://localhost:4000/signout-oidc", + post_logout_redirect_uri: "http://localhost:4000", }; const userManager = new UserManager(config); @@ -33,10 +33,14 @@ export function signinRedirectCallback() { return userManager.signinRedirectCallback(); } -export function signoutRedirect() { +export async function signoutRedirect() { + var user = await userManager.getUser(); + let id_token = null; + if (user) id_token = user.id_token; + userManager.clearStaleState(); userManager.removeUser(); - return userManager.signoutRedirect(); + return userManager.signoutRedirect({ id_token_hint: id_token }); } export function signoutRedirectCallback() { diff --git a/React/traffic-police/src/pages/components/Navbar.js b/React/traffic-police/src/pages/components/Navbar.js index e2b48b0..e59828f 100644 --- a/React/traffic-police/src/pages/components/Navbar.js +++ b/React/traffic-police/src/pages/components/Navbar.js @@ -14,8 +14,8 @@ const Navbar = () => { const user = useSelector((state) => state.auth.user); - function signOut() { - signoutRedirect(); + async function signOut() { + await signoutRedirect(); } return ( diff --git a/React/traffic-police/src/services/userService.js b/React/traffic-police/src/services/userService.js index c03c5a5..4f5ef50 100644 --- a/React/traffic-police/src/services/userService.js +++ b/React/traffic-police/src/services/userService.js @@ -7,7 +7,7 @@ const config = { redirect_uri: "http://localhost:3000/signin-oidc", response_type: "code", scope: "openid profile traffic-police-api", - post_logout_redirect_uri: "http://localhost:3000/signout-oidc", + post_logout_redirect_uri: "http://localhost:3000" }; const userManager = new UserManager(config); 
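Review bot: In the now-async `signoutRedirect`, `userManager.clearStaleState()` and `userManager.removeUser()` still run without `await`, although both return promises in oidc-client. A storage failure therefore surfaces as an unhandled rejection, and the local user is removed regardless of whether the end-session request is ever issued. Await both calls and use block scoping: `const user = await userManager.getUser();`, `await userManager.clearStaleState();`, `await userManager.removeUser();`. When no user is stored the code sends `id_token_hint: null`, so the server has no hint to validate the post-logout redirect against; returning early or calling `signoutRedirect()` without the argument would state that case explicitly. The identical hunk in React/traffic-police/src/services/userService.js has the same issue.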
@@ -33,10 +33,14 @@ export function signinRedirectCallback() { return userManager.signinRedirectCallback(); } -export function signoutRedirect() { +export async function signoutRedirect() { + var user = await userManager.getUser(); + let id_token = null; + if (user) id_token = user.id_token; + userManager.clearStaleState(); userManager.removeUser(); - return userManager.signoutRedirect(); + return userManager.signoutRedirect({ id_token_hint: id_token }); } export function signoutRedirectCallback() { From 404e67df29a245b54ecb5e036ad2ae9eae50b815 Mon Sep 17 00:00:00 2001 From: Muhammad Azeez Date: Mon, 18 Jan 2021 23:46:44 +0300 Subject: [PATCH 2/3] fix vehicle type inconsistency --- CSharp/TaxApp/Pages/Index.cshtml.cs | 6 +++--- CSharp/TrafficPoliceApi/Data/ApplicationDbContext.cs | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/CSharp/TaxApp/Pages/Index.cshtml.cs b/CSharp/TaxApp/Pages/Index.cshtml.cs index ab9560a..44913d4 100644 --- a/CSharp/TaxApp/Pages/Index.cshtml.cs +++ b/CSharp/TaxApp/Pages/Index.cshtml.cs @@ -11,9 +11,9 @@ namespace OidcSamples.TaxApp.Pages { public enum VehicleType { - Sedan = 0, - SUV = 1, - Pickup = 2 + Sedan = 1, + SUV = 2, + Pickup = 3 } public class Vehicle diff --git a/CSharp/TrafficPoliceApi/Data/ApplicationDbContext.cs b/CSharp/TrafficPoliceApi/Data/ApplicationDbContext.cs index 69ddafd..2fc40c8 100644 --- a/CSharp/TrafficPoliceApi/Data/ApplicationDbContext.cs +++ b/CSharp/TrafficPoliceApi/Data/ApplicationDbContext.cs @@ -16,9 +16,9 @@ namespace OidcSamples.TrafficPoliceApi.Data public enum VehicleType { - Sedan = 0, - SUV = 1, - Pickup = 2 + Sedan = 1, + SUV = 2, + Pickup = 3 } public class Vehicle From 38339dbeb1bc72f38fa709fdd6895873fb180413 Mon Sep 17 00:00:00 2001 
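Review bot: Renumbering `VehicleType` to 1..3 leaves 0 without a named member, and 0 is both `default(VehicleType)` and the value of any field omitted during binding or deserialization; nothing visible here rejects it. If rows or payloads written under the old numbering exist, they now read as a different type (an old 1 was SUV and becomes Sedan), and no data migration appears in this patch. The enum is declared twice, in TaxApp/Pages/Index.cshtml.cs and TrafficPoliceApi/Data/ApplicationDbContext.cs, which is presumably how the values drifted. A comment on both such as `// Values are 1-based and must match the VehicleType enum in the other project`, or a single shared definition, would keep them aligned.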
From: Muhammad Azeez Date: Mon, 18 Jan 2021 23:58:45 +0300 Subject: [PATCH 3/3] real estate API now gets citizen_upn from the jwt token --- Node/real-estate/queries.js | 11 +++++++---- .../src/pages/components/VehicleRegisterForm.js | 2 +- React/real-estate/src/pages/components/table/Table.js | 2 -- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/Node/real-estate/queries.js b/Node/real-estate/queries.js index 4b9923f..4444714 100644 --- a/Node/real-estate/queries.js +++ b/Node/real-estate/queries.js @@ -8,7 +8,10 @@ const pool = new Pool({ }); const getAllRealEstate = (request, response) => { - pool.query("SELECT * FROM real_estate ORDER BY id DESC", (error, results) => { + // The express-jwt middleware decodes the jwt token and store all claims on request.user + // https://github.com/auth0/express-jwt/issues/153#issuecomment-269498310 + citizen_upn = request.user.sub; + pool.query(`SELECT * FROM real_estate WHERE citizen_upn = '${citizen_upn}' ORDER BY id DESC`, (error, results) => { if (error) { throw error; } @@ -16,10 +19,10 @@ const getAllRealEstate = (request, response) => { }); }; -// We don't need the citizen_upn here? ** Temporary ** const insertRealEstate = (request, response) => { - const { address, area, citizen_upn } = request.body; - + const { address, area } = request.body; + citizen_upn = request.user.sub; + console.log(citizen_upn) pool.query( "INSERT INTO real_estate (address, area, citizen_upn) VALUES ($1, $2, $3)", [address, area, citizen_upn], diff --git a/React/real-estate/src/pages/components/VehicleRegisterForm.js b/React/real-estate/src/pages/components/VehicleRegisterForm.js index 633f8fa..377029c 100644 --- a/React/real-estate/src/pages/components/VehicleRegisterForm.js +++ b/React/real-estate/src/pages/components/VehicleRegisterForm.js 
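Review bot: The new SELECT in `getAllRealEstate` builds its SQL by interpolating `request.user.sub` into a template literal, while `insertRealEstate` just below uses `$1` placeholders. A claim from a verified token is still data, and a quote character in `sub` would break or change the statement. Use the parameterized form: `pool.query("SELECT * FROM real_estate WHERE citizen_upn = $1 ORDER BY id DESC", [citizen_upn], (error, results) => {`. `citizen_upn` is also assigned without a declaration here and in the `insertRealEstate` hunk, which creates a process-wide global shared by all requests; make both `const citizen_upn = request.user.sub;`.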
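Review bot: `console.log(citizen_upn)` in `insertRealEstate` writes the caller's subject identifier to stdout on every insert and looks like leftover debugging; remove it. Both handlers now dereference `request.user.sub` unconditionally, so they depend on the express-jwt middleware being mounted on these routes, which this patch does not show. A guard such as `if (!request.user?.sub) return response.status(401).end();` would make that dependency explicit and fail closed. The function body continues outside the hunk.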
@@ -21,7 +21,7 @@ const VehicleRegisterForm = () => { async function registerVehicle() { await apiService.registerVehicle( - { address, area, citizen_upn: user.profile.sub }, + { address, area }, user.access_token ); history.push("/"); diff --git a/React/real-estate/src/pages/components/table/Table.js b/React/real-estate/src/pages/components/table/Table.js index b312455..1e23780 100644 --- a/React/real-estate/src/pages/components/table/Table.js +++ b/React/real-estate/src/pages/components/table/Table.js @@ -11,7 +11,6 @@ const Table = ({ vehicleData }) => { - Actions @@ -22,7 +21,6 @@ const Table = ({ vehicleData }) => { - ))}