Search code examples
c#.netasp.net-corews-federation

SignOut (LogOut) Error in AspNetCore 2.1 with WsFederation

I am getting following error while logging out (signing out) in ASP .NET Core 2.1 application

No sign-out authentication handler is registered for the scheme 'Federation'. The registered sign-out schemes are: WsFederation, Cookies. Did you forget to call AddAuthentication().AddCookies("Federation",...)

Here is a code snippet in my Startup.cs

public void ConfigureServices(IServiceCollection services)
{
    services.AddAuthentication(sharedOptions =>
        {
            sharedOptions.DefaultScheme =
                    CookieAuthenticationDefaults.AuthenticationScheme;
            sharedOptions.DefaultSignInScheme = 
                    CookieAuthenticationDefaults.AuthenticationScheme;
            sharedOptions.DefaultChallengeScheme = 
                    WsFederationDefaults.AuthenticationScheme;
        })
        .AddWsFederation(options =>
        {
            options.Wtrealm = this._wtrealm;
            options.MetadataAddress = this._metadataAddress;
        })
        .AddCookie();

}

Here is a code from SignOut method

    public IActionResult SignOut()      
    {
        foreach (var key in this.HttpContext.Request.Cookies.Keys)
        {
            this.HttpContext.Response.Cookies.Delete(key);

            // this.HttpContext.Response.Cookies.Append(key, 
            //                       string.Empty, 
            //                       new CookieOptions() { 
            //                             Expires = DateTime.Now.AddDays(-1) 
            //                       });
        }

        return this.SignOut(
             new  Microsoft.AspNetCore.Authentication.AuthenticationProperties 
             {
                  RedirectUri = this.GetReturnUrl() 
             },
             CookieAuthenticationDefaults.AuthenticationScheme,
             WsFederationAuthenticationDefaults.AuthenticationType);
    }
Solution

  • As the error indicates, you registered WsFederation and Cookies with code below: 

    services.AddAuthentication(sharedOptions =>
    {
        sharedOptions.DefaultScheme =
                CookieAuthenticationDefaults.AuthenticationScheme;
        sharedOptions.DefaultSignInScheme = 
                CookieAuthenticationDefaults.AuthenticationScheme;
        sharedOptions.DefaultChallengeScheme = 
                WsFederationDefaults.AuthenticationScheme;
    })
    .AddWsFederation(options =>
    {
        options.Wtrealm = this._wtrealm;
        options.MetadataAddress = this._metadataAddress;
    })

    But, you are signout WsFederationAuthenticationDefaults.AuthenticationType which is Federation. You should signout WsFederationDefaults.AuthenticationScheme instead of WsFederationAuthenticationDefaults.AuthenticationType.

    Try code below: 

    return this.SignOut(
         new  Microsoft.AspNetCore.Authentication.AuthenticationProperties 
         {
              RedirectUri = this.GetReturnUrl() 
         },
         CookieAuthenticationDefaults.AuthenticationScheme,
         WsFederationDefaults.AuthenticationScheme);