Post logout doesn't call the redirect URI that is specified

[xadvfh]

Here is what happens when my application logs out:

My application calls endSession with a post_logout_redirect_uri (post_logout_redirect_uri=https%3A%2F%2Flocalhost%3A52141%2Fsignout-callback-oidc). This redirect is never called.

[xadvfh]

My Client config has this:

    "RedirectUris": ["*"],
    "PostLogoutRedirectUris": ["*"],

Since wildcard works for RedirectUris I'm assuming it will work for PostLogoutRedirectUris also.

Here are the logs that are generated:

[15:35:54 Information] IdentityServer4.Validation.EndSessionRequestValidator
End session request validation success
{"ClientId": "mock-server-client-id", "ClientName": null, "SubjectId": "personal_user", "PostLogOutUri": "https://localhost:55735/signout-callback-oidc", "State": null, "Raw": {"id_token_hint": "***REDACTED***", "post_logout_redirect_uri": "https://localhost:55735/signout-callback-oidc"}, "$type": "EndSessionRequestValidationLog"}

[15:35:54 Debug] IdentityServer4.Endpoints.EndSessionEndpoint
Success validating end session request from mock-server-client-id

[15:35:55 Information] Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler
AuthenticationScheme: idsrv signed out.

[15:35:55 Debug] IdentityServer4.Hosting.IdentityServerMiddleware
SignOutCalled set; processing post-signout session cleanup.

[15:35:55 Debug] IdentityServer4.Stores.ValidatingClientStore
client configuration validation for client mock-server-client-id succeeded.

[15:35:55 Debug] IdentityServer4.Services.LogoutNotificationService
No client back-channel logout URLs

[15:35:55 Debug] IdentityServer4.Hosting.EndpointRouter
Request path /connect/endsession/callback matched to endpoint type Endsession

[15:35:55 Debug] IdentityServer4.Hosting.EndpointRouter
Endpoint enabled: Endsession, successfully created handler: IdentityServer4.Endpoints.EndSessionCallbackEndpoint

[15:35:55 Information] IdentityServer4.Hosting.IdentityServerMiddleware
Invoking IdentityServer endpoint: IdentityServer4.Endpoints.EndSessionCallbackEndpoint for /connect/endsession/callback

[15:35:55 Debug] IdentityServer4.Endpoints.EndSessionCallbackEndpoint
Processing signout callback request

[15:35:55 Debug] IdentityServer4.Stores.ValidatingClientStore
client configuration validation for client mock-server-client-id succeeded.

[15:35:55 Debug] IdentityServer4.Services.LogoutNotificationService
No client front-channel logout URLs

[15:35:55 Information] IdentityServer4.Endpoints.EndSessionCallbackEndpoint
Successful signout callback.

[xadvfh]

Maybe this is the fix: https://stackoverflow.com/a/53240640

[AleF83]

@xadvfh
Can you describe you flow?
As I see from your log, there is message "No client front-channel logout URLs".

So maybe you just should define FrontChannelLogoutUri property in your clients configuration env-var/file?

In any case, I've published new version of image (0.3.1) that allows you to configure AccountOptions (as described in the Stackoverflow link in you comment). See #63 for more details

[xadvfh]

@AleF83 it seems neither setting has worked for me.

If I specify the post logout redirect uri in PostLogoutRedirectUris it works fine. But it won't work with a wildcard. I see that support for wildcards was added in #44 and it works for RedirectUris but not for PostLogoutRedirectUris.

[AleF83]

Looks like there is bug here:

oidc-server-mock/src/Validation/RedirectUriValidator.cs

Line 14 in d181957

return Task.FromResult<bool>(client.RedirectUris.Any(allowedUri =>

It should be client.PostLogoutRedirectUris

I'll fix

[xadvfh]

thank you

[AleF83]

I've pushed new image version (0.3.2)

[xadvfh]

@AleF83 verified latest image woks great. Thank you!