Azure AD注销

时间:2017-02-28 09:07:27

标签: azure logout azure-ad-b2c

我想从azure ad b2c中退出我的webapp。我尝试了以下示例https://www.janaks.com.np/azure-ad-identity-provider-in-aspnet-core-application/中的建议。

if (HttpContext.User.Identity.IsAuthenticated)
{
    await HttpContext.Authentication.SignOutAsync(OpenIdConnectDefaults.AuthenticationScheme);
    await HttpContext.Authentication.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
}

使用Startup.cs中的以下配置:

app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions
{
    AuthenticationScheme = settings.SignInPolicyId,
    AutomaticChallenge = true,
    CallbackPath = settings.SignInCallbackPath,
    ClientId = settings.ClientId,
    MetadataAddress = string.Format(settings.AadInstance, settings.Tenant, settings.SignInPolicyId),
    PostLogoutRedirectUri = settings.RedirectUri,
    TokenValidationParameters = new TokenValidationParameters
    {
        NameClaimType = "name"
    },
    AutomaticAuthenticate = true,
    Scope = { "openid" },
    ResponseType = "id_token",
    GetClaimsFromUserInfoEndpoint = true
});

但是当我尝试从webapp注销时,会抛出异常:

InvalidOperationException: No authentication handler is configured to handle the scheme: OpenIdConnect

感谢您的帮助。

2 个答案:

答案 0 :(得分:3)

您必须确定您设置的身份验证方案:

if (HttpContext.User.Identity.IsAuthenticated)
{
    await HttpContext.Authentication.SignOutAsync(settings.SignInPolicyId);
    await HttpContext.Authentication.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
}

您将以某种方式获取该控制器的策略ID,并使用它来识别适当的中间件。

答案 1 :(得分:1)

接受的答案适用于Auth 1,但在Auth 2中该方法已弃用,因此请使用扩展方法。

await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);

参考:https://github.com/aspnet/Announcements/issues/232