I am using Identity Server 3 and have multiple angular 8 application as clients.
At client side I am using "angular-auth-oidc-client" library to implement SSO.
I have below configuration in app.module.
BUT onCheckSessionChanged never triggered... even if logged out from other tab .. of same browser.
below is my logout code.
this.oidcSecurityService.logoff()
Identity Server Configuration:
public static void UseIdentityServerCustomStoreSetup(this IAppBuilder app)
{
app.Map("/Identity", idApp =>
{
var EventsOptions = new EventsOptions()
{
RaiseErrorEvents = true,
RaiseFailureEvents = true,
RaiseInformationEvents = true,
RaiseSuccessEvents = true
};
var defaultViewServiceOptions = new DefaultViewServiceOptions();
defaultViewServiceOptions.CacheViews = false;
var Factory = new IdentityServerServiceFactory()
.UseInMemoryClients(Clients.Get())
.UseInMemoryScopes(Scopes.Get());
Factory.UserService = new Registration<IUserService, UserManagementService>();
Factory.ConfigureDefaultViewService(defaultViewServiceOptions);
var cust = new CustomeValidator();
Factory.CustomRequestValidator = new Registration<ICustomRequestValidator, CustomeValidator>();
var option = new IdentityServerOptions()
{
SiteName = "",
LoggingOptions = GetFullLoggingConfig(),
EventsOptions = EventsOptions,
Factory = Factory,
RequireSsl = false,
EnableWelcomePage = false,
SigningCertificate = LoadCertificate()
};
option.AuthenticationOptions = new IdentityServer3.Core.Configuration.AuthenticationOptions
{
EnablePostSignOutAutoRedirect = true,
RequireSignOutPrompt = false,
CookieOptions = new IdentityServer3.Core.Configuration.CookieOptions
{
AllowRememberMe = true,
IsPersistent = false,
RememberMeDuration = TimeSpan.FromMinutes(24),
},
EnableSignOutPrompt = false
,
PostSignOutAutoRedirectDelay = 0,
EnableLoginHint = true
};
idApp.UseIdentityServer(option);
});
Serilog.Log.Logger =
new LoggerConfiguration().MinimumLevel.Debug()
.WriteTo.File(@"c:\logs\IdSvrAdmin-{Date}.log")
.CreateLogger();
// app.UseResourceAuthorization(new AuthorizationManager()); // for authorization
}
Client Configuration in Identity Server
new Client
{
Enabled = true,
ClientName = "UMS Client",
ClientId = "UMSClient",
AccessTokenType = AccessTokenType.Reference,
Flow = Flows.Implicit,
ClientSecrets = new List<Secret> { new Secret { Value= "clientsecret@weave.com" } },
RequireConsent = false,
RedirectUris = new List<string>
{
Urls.LIVE_URL+"3001"
},
AllowedCorsOrigins = new List<string>
{
Urls.LIVE_URL+"3001"
},
// Valid URLs after logging out
PostLogoutRedirectUris = new List<string>
{
Urls.LIVE_URL+"3001"
},
AllowAccessToAllScopes = true,
AccessTokenLifetime = Clients.TimeOut
}
