From 5c10f9e96bd40794cd83f12cf34bcf72cf17dbb9 Mon Sep 17 00:00:00 2001 From: Hao Kung Date: Wed, 12 Nov 2014 12:38:34 -0800 Subject: [PATCH] SignOut all identity cookies except for RememberMe Fixes https://github.com/aspnet/Identity/issues/211 --- src/Microsoft.AspNet.Identity/SignInManager.cs | 2 ++ test/Microsoft.AspNet.Identity.Test/SignInManagerTest.cs | 2 ++ 2 files changed, 4 insertions(+) diff --git a/src/Microsoft.AspNet.Identity/SignInManager.cs b/src/Microsoft.AspNet.Identity/SignInManager.cs index a2ad4a591e..846fd81540 100644 --- a/src/Microsoft.AspNet.Identity/SignInManager.cs +++ b/src/Microsoft.AspNet.Identity/SignInManager.cs @@ -87,6 +87,8 @@ namespace Microsoft.AspNet.Identity public virtual void SignOut() { Context.Response.SignOut(IdentityOptions.ApplicationCookieAuthenticationType); + Context.Response.SignOut(IdentityOptions.ExternalCookieAuthenticationType); + Context.Response.SignOut(IdentityOptions.TwoFactorUserIdCookieAuthenticationType); } private async Task IsLockedOut(TUser user, CancellationToken token) diff --git a/test/Microsoft.AspNet.Identity.Test/SignInManagerTest.cs b/test/Microsoft.AspNet.Identity.Test/SignInManagerTest.cs index fcb4c5302a..629311bf23 100644 --- a/test/Microsoft.AspNet.Identity.Test/SignInManagerTest.cs +++ b/test/Microsoft.AspNet.Identity.Test/SignInManagerTest.cs @@ -485,6 +485,8 @@ namespace Microsoft.AspNet.Identity.Test var response = new Mock(); context.Setup(c => c.Response).Returns(response.Object).Verifiable(); response.Setup(r => r.SignOut(authenticationType)).Verifiable(); + response.Setup(r => r.SignOut(IdentityOptions.TwoFactorUserIdCookieAuthenticationType)).Verifiable(); + response.Setup(r => r.SignOut(IdentityOptions.ExternalCookieAuthenticationType)).Verifiable(); var contextAccessor = new Mock>(); contextAccessor.Setup(a => a.Value).Returns(context.Object); var roleManager = MockHelpers.MockRoleManager();