Keycloak Log out from ASP.NET and ASP.NET Core

Question

Currently I am able to login from ASP.NET and ASP.NET Core. However when logout from ASP.NET, my ASP.NET Core app doesn't logout as well.

Here is my ASP.NET logout code:

public ActionResult logout()
{
    Request.GetOwinContext().Authentication.SignOut(HttpContext.GetOwinContext().Authentication.GetAuthenticationTypes().Select(o => o.AuthenticationType).ToArray());
    return RedirectToAction("About", "Home");
}

And my ASP.NET Core logout:

public IActionResult Logout()
{
    return new SignOutResult(new[] { "OpenIdConnect", "Cookies" });
}

Unfortunately, if I logout from the ASP.NET app, my ASP.NET Core app doesn't logout automatically. Is it something wrong with my keycloak setting, or did I miss something in my code?

Answer 1

Go through the https://github.com/dotnet/aspnetcore/blob/4fa5a228cfeb52926b30a2741b99112a64454b36/src/Security/Authentication/OpenIdConnect/src/OpenIdConnectHandler.cs#L312-L315

services.AddAuthentication(...)
    .AddCookie("Cookies")
    .AddOpenIdConnect("OpenIdConnect", options =>
    {
        ...
        options.Events.OnSignedOutCallbackRedirect += context =>
        {
            context.Response.Redirect(context.Options.SignedOutRedirectUri);
            context.HandleResponse();

            return Task.CompletedTask;
        };
        ...
    });