Consider adding SignInResult/SignOutResult and SignIn/SignOut

[kevinchalet]

MVC 6 has really cool authentication-specific ActionResults and helpers for Forbid and Challenge, but nothing for SignIn and SignOut.

It would really make this kind of actions much clearer:

[HttpPost("~/connect/logout"), ValidateAntiForgeryToken]
public async Task<IActionResult> Logout() {
    var response = HttpContext.GetOpenIdConnectResponse();
    if (response != null) {
        return View("Error", response);
    }

    // ...

    // Ask the cookies middleware to delete the local cookie created
    // when the user agent is redirected from the external identity provider
    // after a successful authentication flow (e.g Google or Facebook).
    await HttpContext.Authentication.SignOutAsync("ServerCookie");

    // Redirect the user agent to the post_logout_redirect_uri specified by the client application.
    await HttpContext.Authentication.SignOutAsync(OpenIdConnectServerDefaults.AuthenticationScheme);

    return new EmptyResult();
}

->

[HttpPost("~/connect/logout"), ValidateAntiForgeryToken]
public async Task<IActionResult> Logout() {
    var response = HttpContext.GetOpenIdConnectResponse();
    if (response != null) {
        return View("Error", response);
    }

    // ...

    return SignOut("ServerCookie", OpenIdConnectServerDefaults.AuthenticationScheme);
}

I'm fine submitting a PR if you like the general idea 👏

[rynowak]

If it would make the templated controller code more understandable/declarative then it seems like a good idea. I'm not familiar enough with this part of the system on my own to understand how much of this could be refactored into a result type.

@blowdart thoughts?

[louislewis2]

I like the general thoughts behind this idea. Seeing this included would certainly be a plus.

[davidfowl]

/cc @HaoK @lodejard

[kevinchalet]

For some reasons, I'm seeing weird issues with DependencyModel in the MVC tests.
Restoring doesn't seem to help. I'll investigate.

[kevinchalet]

"Microsoft.Extensions.DependencyModel/1.0.0-dev-1452673922": {
  "type": "package",
  "dependencies": {
    "Newtonsoft.Json": "7.0.1",
    "System.Dynamic.Runtime": "4.0.11-rc2-23616",
    "System.IO.FileSystem": "4.0.1-rc2-23616",
    "System.Linq": "4.0.1-rc2-23616",
    "System.Reflection": "4.1.0-rc2-23616",
    "System.Runtime": "4.0.21-rc2-23616"
  },
  "compile": {
    "lib/dotnet5.4/Microsoft.Extensions.DependencyModel.dll": {}
  },
  "runtime": {
    "lib/dotnet5.4/Microsoft.Extensions.DependencyModel.dll": {}
  }
}

Hum, another buggy package... I'll wipe my packages folder 😄

[pranavkm]

@PinpointTownes the DependencyModel packages went back in time. Delete the Microsoft.Extensions.DependencyModel from your packages directory (%UserProfile%/.dnx/packages and %UserProfile%/.nuget/packages) and try restoring again.

[blowdart]

@HaoK would have a better opinion than I

[HaoK]

Seems reasonable and shouldn't hurt to have. Identity takes care of some of this stuff for you already, so things like signing in with the identity created claims principal might not feel great with a SignInResult

[kevinchalet]

@PinpointTownes the DependencyModel packages went back in time.

@pranavkm that's so sneaky 😄
Thanks for the tip.

PR sent: #4259

[danroth27]

Not a bad idea, but we're trying to lock down for a stable 1.0.0 release. I think this can wait until post 1.0.0.

[kevinchalet]

@danroth27 it could wait until post-RTM, but it's really a trivial change. Actually, it's more a copy/paste of existing code (which is itself a tiny wrapper around the authentication APIs) to polish the API a little bit than a real new feature.