We use our IDP to interop with various SPs. I had active SP-initiated SSO sessions from Salesforce and Office 365. Then I logged out at Salesforce, and the SP-initiated SLO arrives at the IDP:

    public async Task<ActionResult> SingleLogoutService()
    {
        // Receive the single logout request or response.
        // If a request is received then single logout is being initiated by a partner service provider.
        // If a response is received then this is in response to single logout having been initiated by the identity provider.
        var sloResult = await _samlIdentityProvider.ReceiveSloAsync();

        if (sloResult.IsResponse)
        {
            if (sloResult.HasCompleted)
            {
                // IdP-initiated SLO has completed.
                return RedirectToPage("/Index");
            }
        }
        else
        {
            // Logout locally.
            //await _signInManager.SignOutAsync(); <====== this one is commented out since we have our own middleware to take care of user auth and logout.

            // Respond to the SP-initiated SLO request indicating successful logout.
            await _samlIdentityProvider.SendSloAsync();
        }

        return new EmptyResult();
    }

But await _samlIdentityProvider.SendSloAsync(); did not cause logout of the user at Office 365.
Is my understanding correct that this method takes care of sending multiple SLOs towards all the SPs the user had active SSO flows with?
Can you please help me see what the usual suspects are here?
Appreciate your time and help.