Merge branch 'master' of https://github.com/ditdevtools/AuthorizationServerDemos

CSharp/AuthorizationServer/AuthorizationServer.csproj

@@ -1,7 +1,7 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">
 
 	<PropertyGroup>
-		<TargetFramework>net5.0</TargetFramework>
+		<TargetFramework>netcoreapp3.1</TargetFramework>
 	</PropertyGroup>
 	
   <ItemGroup>
@@ -11,7 +11,7 @@
 
     <PackageReference Include="TwoStepsAuthenticator" Version="1.4.1" />
 
-	  <PackageReference Include="Microsoft.AspNetCore.Mvc.Razor.RuntimeCompilation" Version="5.0.1" />
+	  <PackageReference Include="Microsoft.AspNetCore.Mvc.Razor.RuntimeCompilation" Version="3.1.11" />
 	  <PackageReference Include="Westwind.AspNetCore.LiveReload" Version="0.3.1" />
   </ItemGroup>
   

CSharp/AuthorizationServer/Config.cs

@@ -82,9 +82,8 @@ namespace OidcSamples.AuthorizationServer
                     RequirePkce = true,
                     PostLogoutRedirectUris =
                     {
-                       "http://localhost:3000/signout-callback-oidc"
+                       "http://localhost:3000"
                     },
-
                     RequireConsent = false,
                 },
                 new Client
@@ -113,9 +112,8 @@ namespace OidcSamples.AuthorizationServer
                     RequirePkce = true,
                     PostLogoutRedirectUris =
                     {
-                       "http://localhost:4000/signout-callback-oidc"
+                       "http://localhost:4000"
                     },
-
                     RequireConsent = false,
                 },
                 new Client
@@ -148,7 +146,8 @@ namespace OidcSamples.AuthorizationServer
                     {
                        "http://localhost:7000/signout-callback-oidc"
                     },
-
+                    FrontChannelLogoutUri = "http://localhost:7000/signout-callback-oidc",
+                    FrontChannelLogoutSessionRequired = true,
                     RequireConsent = false,
                 }
             };

CSharp/AuthorizationServer/Quickstart/Account/AccountController.cs

@@ -241,7 +241,14 @@ namespace IdentityServerHost.Quickstart.UI
                 return SignOut(new AuthenticationProperties { RedirectUri = url }, vm.ExternalAuthenticationScheme);
             }
 
-            return View("LoggedOut", vm);
+            if (string.IsNullOrEmpty(vm.PostLogoutRedirectUri))
+            {
+                return View("LoggedOut", vm);
+            }
+            else
+            {
+                return Redirect(vm.PostLogoutRedirectUri);
+            }
         }
 
         [HttpGet]

CSharp/TaxApp/Pages/Index.cshtml.cs

@@ -11,9 +11,9 @@ namespace OidcSamples.TaxApp.Pages
 {
     public enum VehicleType
     {
-        Sedan = 0,
+        Sedan = 1,
-        SUV = 1,
+        SUV = 2,
-        Pickup = 2
+        Pickup = 3
     }
 
     public class Vehicle

CSharp/TrafficPoliceApi/Data/ApplicationDbContext.cs

@@ -16,9 +16,9 @@ namespace OidcSamples.TrafficPoliceApi.Data
 
     public enum VehicleType
     {
-        Sedan = 0,
+        Sedan = 1,
-        SUV = 1,
+        SUV = 2,
-        Pickup = 2
+        Pickup = 3
     }
 
     public class Vehicle

Node/real-estate/queries.js

@@ -8,7 +8,10 @@ const pool = new Pool({
 });
 
 const getAllRealEstate = (request, response) => {
-  pool.query("SELECT * FROM real_estate ORDER BY id DESC", (error, results) => {
+  // The express-jwt middleware decodes the jwt token and store all claims on request.user
+  // https://github.com/auth0/express-jwt/issues/153#issuecomment-269498310
+  citizen_upn = request.user.sub;
+  pool.query(`SELECT * FROM real_estate WHERE citizen_upn = '${citizen_upn}' ORDER BY id DESC`, (error, results) => {
     if (error) {
       throw error;
     }
@@ -16,10 +19,10 @@ const getAllRealEstate = (request, response) => {
   });
 };
 
-// We don't need the citizen_upn here? ** Temporary **
 const insertRealEstate = (request, response) => {
-  const { address, area, citizen_upn } = request.body;
+  const { address, area } = request.body;
-
+  citizen_upn = request.user.sub;
+  console.log(citizen_upn)
   pool.query(
     "INSERT INTO real_estate (address, area, citizen_upn) VALUES ($1, $2, $3)",
     [address, area, citizen_upn],

README.md

@@ -14,7 +14,7 @@ We are using IdentityServer 4 to implement our Authorization Server. You can fin
 
 **Dependencies:**
 
-- [.NET 5 SDK](https://dotnet.microsoft.com/download/dotnet/5.0)
+- [.NET Core 3.1 SDK](https://dotnet.microsoft.com/download/dotnet-core/3.1) (Because the latest version that IdentityServer4 supports is .NET Core 3.1)
 
 **How to run:**
 

React/real-estate/src/pages/components/Navbar.js

@@ -14,8 +14,8 @@ const Navbar = () => {
 
   const user = useSelector((state) => state.auth.user);
 
-  function signOut() {
+  async function signOut() {
-    signoutRedirect();
+    await signoutRedirect();
   }
 
   return (

React/real-estate/src/pages/components/VehicleRegisterForm.js

@@ -21,7 +21,7 @@ const VehicleRegisterForm = () => {
 
   async function registerVehicle() {
     await apiService.registerVehicle(
-      { address, area, citizen_upn: user.profile.sub },
+      { address, area },
       user.access_token
     );
     history.push("/");

React/real-estate/src/pages/components/table/Table.js

@@ -11,7 +11,6 @@ const Table = ({ vehicleData }) => {
           <tr>
             <ColumnName text={"Address"} />
             <ColumnName text={"Area"} />
-            <ColumnName text={"Citizen UPN"} />
             <th scope="col" className="relative px-6 py-3">
               <span className="sr-only">Actions</span>
             </th>
@@ -22,7 +21,6 @@ const Table = ({ vehicleData }) => {
             <tr key={vehicle.id} className="bg-gray-50">
               <TableData text={vehicle.address} />
               <TableData text={vehicle.area} />
-              <TableData text={vehicle.citizen_upn} />
               <TableData Component={EditBtns} />
             </tr>
           ))}

React/real-estate/src/services/userService.js

@@ -7,7 +7,7 @@ const config = {
   redirect_uri: "http://localhost:4000/signin-oidc",
   response_type: "code",
   scope: "openid profile real-estate-api",
-  post_logout_redirect_uri: "http://localhost:4000/signout-oidc",
+  post_logout_redirect_uri: "http://localhost:4000",
 };
 
 const userManager = new UserManager(config);
@@ -33,10 +33,14 @@ export function signinRedirectCallback() {
   return userManager.signinRedirectCallback();
 }
 
-export function signoutRedirect() {
+export async function signoutRedirect() {
+  var user = await userManager.getUser();
+  let id_token = null;
+  if (user) id_token = user.id_token;
+
   userManager.clearStaleState();
   userManager.removeUser();
-  return userManager.signoutRedirect();
+  return userManager.signoutRedirect({ id_token_hint: id_token });
 }
 
 export function signoutRedirectCallback() {

React/traffic-police/src/pages/components/Navbar.js

@@ -14,8 +14,8 @@ const Navbar = () => {
 
   const user = useSelector((state) => state.auth.user);
 
-  function signOut() {
+  async function signOut() {
-    signoutRedirect();
+    await signoutRedirect();
   }
 
   return (

React/traffic-police/src/services/userService.js

@@ -7,7 +7,7 @@ const config = {
   redirect_uri: "http://localhost:3000/signin-oidc",
   response_type: "code",
   scope: "openid profile traffic-police-api",
-  post_logout_redirect_uri: "http://localhost:3000/signout-oidc",
+  post_logout_redirect_uri: "http://localhost:3000"
 };
 
 const userManager = new UserManager(config);
@@ -33,10 +33,14 @@ export function signinRedirectCallback() {
   return userManager.signinRedirectCallback();
 }
 
-export function signoutRedirect() {
+export async function signoutRedirect() {
+  var user = await userManager.getUser();
+  let id_token = null;
+  if (user) id_token = user.id_token;
+
   userManager.clearStaleState();
   userManager.removeUser();
-  return userManager.signoutRedirect();
+  return userManager.signoutRedirect({ id_token_hint: id_token });
 }
 
 export function signoutRedirectCallback() {