Identityserver4: Extra parameters on endession are not passed along to LogoutRequest

Created on 3 Sep 2020  Â·  3Comments  Â·  Source: IdentityServer/IdentityServer4

Issue / Steps to reproduce the problem

ASP.NET MVC (Owin) client, using latest OpenIdConnect and IdentityServer. Intercept the OpenIdConnectRequestType.Logout request and augment the ProtocolMessage.Parameters collection with a custom name/value pair:

                Notifications = new OpenIdConnectAuthenticationNotifications
                {
                    RedirectToIdentityProvider = async n =>
                    {
                        switch (n.ProtocolMessage.RequestType)
                        {
                            case OpenIdConnectRequestType.Logout:
                                n.ProtocolMessage.SetParameter("logoff_method", n.Request.Path.Value); 
                                break;
                        }
                    }

I can see the parameters on the endsession query string and in the EndSessionRequestValidationLog.Raw collection (see log snippet below).

However, when the logout endpoint in my identity server controller is called and I GetLogoutContextAsync(), the LogoutRequest.Parameters collection is empty:

        [HttpGet("logout")]
        [AllowAnonymous]
        public async Task<IActionResult> Logout([FromQuery] string logoutId)
        {
            var logoutRequest = await _interaction.GetLogoutContextAsync(logoutId);
            if (logoutRequest.Parameters.Count == 0)
                throw new Exception("No additional parameters found in LogoutRequest.");

Relevant parts of the log file


 End session request validation success EndSessionRequestValidationLog {"ClientId":"myclient","ClientName":"my client",…

details
{ClientId: "myclient", ClientName: "my client", SubjectId: "3", PostLogOutUri: "http://localhost:59474/app/v1.0", State: null, 
Raw: {
  post_logout_redirect_uri: "http://localhost:59474/app/v1.0", 
  logoff_method: "/account/logoff", 
  id_token_hint: "***REDACTED***", 
  x-client-SKU: "ID_NET461", 
  x-client-ver: "5.6.0.0"
}, 
_typeTag: "EndSessionRequestValidationLog"}

RequestPath
/connect/endsession
SourceContext
IdentityServer4.Validation.EndSessionRequestValidator
bug report duplicate
Source
picture martyt

All 3 comments

I think I just fixed this: https://github.com/IdentityServer/IdentityServer4/pull/4851

brockallen picture brockallen on 8 Sep 2020
👍1

We just released 4.1.0 -- please test against that version to confirm your issue has been addressed. If not, please reopen this issue. Thanks.

brockallen picture brockallen on 14 Sep 2020
👍1

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

github-actions[bot] picture github-actions[bot] on 26 Nov 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

createroftheearth picture createroftheearth  Â·  3Comments
nukec picture nukec  Â·  3Comments
brockallen picture brockallen  Â·  3Comments
klioqc picture klioqc  Â·  3Comments
wangkanai picture wangkanai  Â·  3Comments