Authentication - Sign out in the browser when logging out

src/Artemis.WebClient.Workshop/Models/AccessToken.cs

@@ -12,14 +12,16 @@ public AuthenticationToken(TokenResponse tokenResponse)
         if (tokenResponse.RefreshToken == null)
             throw new ArtemisWebClientException("Token response contains no refresh token");
 
+        IdentityToken = tokenResponse.IdentityToken;
         AccessToken = tokenResponse.AccessToken;
         RefreshToken = tokenResponse.RefreshToken;
         ExpiresAt = DateTimeOffset.UtcNow.AddSeconds(tokenResponse.ExpiresIn);
     }
-
+    
     public DateTimeOffset ExpiresAt { get; private set; }
     public bool Expired => DateTimeOffset.UtcNow.AddSeconds(5) >= ExpiresAt;
 
+    public string? IdentityToken { get; private set; }
     public string AccessToken { get; private set; }
     public string RefreshToken { get; private set; }
 }

src/Artemis.WebClient.Workshop/Services/AuthenticationService.cs

@@ -258,12 +258,21 @@ public async Task Login(CancellationToken cancellationToken)
     }
 
     /// <inheritdoc />
-    public void Logout()
+    public async Task Logout()
     {
+        DiscoveryDocumentResponse disco = await GetDiscovery();
+
+        // Open the web browser for the user to log out
+        if (disco.EndSessionEndpoint != null)
+        {
+            RequestUrl authRequestUrl = new(disco.EndSessionEndpoint);
+            string url = authRequestUrl.CreateEndSessionUrl(_token?.IdentityToken);
+            Utilities.OpenUrl(url);
+        }
+
         _token = null;
         _claims.Clear();
         SetStoredRefreshToken(null);
-
         _isLoggedInSubject.OnNext(false);
     }
 

src/Artemis.WebClient.Workshop/Services/Interfaces/IAuthenticationService.cs

@@ -13,6 +13,6 @@ public interface IAuthenticationService : IProtectedArtemisService
     Task<string?> GetBearer();
     Task<bool> AutoLogin(bool force = false);
     Task Login(CancellationToken cancellationToken);
-    void Logout();
+    Task Logout();
     bool GetIsEmailVerified();
 }