Merge pull request #7297 from abpframework/maliming/security-logs-clietnid

Save the client id for Authorization Code Grant.
5 years ago · 1771d34ac0
parent 9d105424f1 9f7e6d9b44
commit 1771d34ac0
2 changed files with 22 additions and 9 deletions
--- a/modules/account/src/Volo.Abp.Account.Web.IdentityServer/Pages/Account/IdentityServerSupportedLoginModel.cs
+++ b/modules/account/src/Volo.Abp.Account.Web.IdentityServer/Pages/Account/IdentityServerSupportedLoginModel.cs
@ -103,9 +103,9 @@ namespace Volo.Abp.Account.Web.Pages.Account

        public override async Task<IActionResult> OnPostAsync(string action)
        {
+            var context = await Interaction.GetAuthorizationContextAsync(ReturnUrl);
            if (action == "Cancel")
            {
-                var context = await Interaction.GetAuthorizationContextAsync(ReturnUrl);
                if (context == null)
                {
                    return Redirect("~/");
@ -142,7 +142,8 @@ namespace Volo.Abp.Account.Web.Pages.Account
            {
                Identity = IdentitySecurityLogIdentityConsts.Identity,
                Action = result.ToIdentitySecurityLogAction(),
-                UserName = LoginInput.UserNameOrEmailAddress
+                UserName = LoginInput.UserNameOrEmailAddress,
+                ClientId = context?.Client?.ClientId
            });

            if (result.RequiresTwoFactor)
--- a/modules/account/src/Volo.Abp.Account.Web.IdentityServer/Pages/Account/IdentityServerSupportedLogoutModel.cs
+++ b/modules/account/src/Volo.Abp.Account.Web.IdentityServer/Pages/Account/IdentityServerSupportedLogoutModel.cs
@ -20,12 +20,6 @@ namespace Volo.Abp.Account.Web.Pages.Account

        public async override Task<IActionResult> OnGetAsync()
        {
-            await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext()
-            {
-                Identity = IdentitySecurityLogIdentityConsts.Identity,
-                Action = IdentitySecurityLogActionConsts.Logout
-            });
-
            await SignInManager.SignOutAsync();

            var logoutId = Request.Query["logoutId"].ToString();
@ -33,11 +27,14 @@ namespace Volo.Abp.Account.Web.Pages.Account
            if (!string.IsNullOrEmpty(logoutId))
            {
                var logoutContext = await Interaction.GetLogoutContextAsync(logoutId);
+
+                await SaveSecurityLogAsync(logoutContext?.ClientId);
+
                await SignInManager.SignOutAsync();

                HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity());

-                LoggedOutModel vm = new LoggedOutModel()
+                var vm = new LoggedOutModel()
                {
                    PostLogoutRedirectUri = logoutContext?.PostLogoutRedirectUri,
                    ClientName = logoutContext?.ClientName,
@ -49,6 +46,8 @@ namespace Volo.Abp.Account.Web.Pages.Account
                return RedirectToPage("./LoggedOut", vm);
            }

+            await SaveSecurityLogAsync();
+
            if (ReturnUrl != null)
            {
                return LocalRedirect(ReturnUrl);
@ -58,5 +57,18 @@ namespace Volo.Abp.Account.Web.Pages.Account
                $"IdentityServerSupportedLogoutModel couldn't find postLogoutUri... Redirecting to:/Account/Login..");
            return RedirectToPage("/Account/Login");
        }
+
+        protected virtual async Task SaveSecurityLogAsync(string clientId = null)
+        {
+            if (CurrentUser.IsAuthenticated)
+            {
+                await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext()
+                {
+                    Identity = IdentitySecurityLogIdentityConsts.Identity,
+                    Action = IdentitySecurityLogActionConsts.Logout,
+                    ClientId = clientId
+                });
+            }
+        }
    }
 }