I'm kinda new to blazor and I'm having issues with logging users out of the application. I've looked at various documents and tutorials but I haven't found anything mentioning logging out. I've tried calling the Cognito logout endpoint (https://docs.aws.amazon.com/cognito/latest/developerguide/logout-endpoint.html) but my application still sees the user as authenticated. I also tried getting the access_token using the answer in this thread How do I get the access token from a blazor (server-side) web app? but it always returns null for me. The isAuthenticated property always return true regardless of what I do. Anyone got any ideas?
In startup
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultSignOutScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddCookie()
.AddOpenIdConnect(options =>
{
options.ResponseType = "code";
options.SaveTokens = true;
options.RemoteSignOutPath = "/signout";
options.MetadataAddress = Configuration["Authentication:Cognito:MetadataAddress"];
options.ClientId = Configuration["Authentication:Cognito:ClientId"];
options.ClientSecret = Configuration["Authentication:Cognito:ClientSecret"];
});
In LoginDisplay.razor
protected override async Task OnInitializedAsync()
{
var authState = await AuthenticationStateProvider.GetAuthenticationStateAsync();
var user = authState.User;
identity = user.Identity as ClaimsIdentity;
var isAuthenticated = identity.IsAuthenticated;
email = identity!.Claims.FirstOrDefault(c => c.Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress")?.Value ?? string.Empty;
var userData = await userService.GetUserByEmail(email.ToLower());
userData.Then(u =>
userRole = u.Role
, () =>
userRole = UserRole.Anonymous
);
}
