我运行了这个项目https://github.com/JaimeStill/FullstackOverview,这是一个简单示例,说明如何将Azure广告与.net核心一起使用。使用广告作品登录,而不注明。
注销后,用户将重定向到登录页面,并再次登录。好像没有删除cookie。这是相关代码:
public static async Task MicrosoftLogout(this HttpContext context)
{
if (context.User != null && context.User.Identity.IsAuthenticated)
{
await context.SignOutAsync(); //CookieAuthenticationDefaults.AuthenticationScheme not helping
await context.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
await context.SignOutAsync("Cookies");
//await context.SignOutAsync("oidc");
context.Response.Cookies.Delete(MicrosoftAccountDefaults.AuthenticationScheme);
context.Response.Cookies.Delete(CookieAuthenticationDefaults.AuthenticationScheme);
context.Response.Cookies.Delete(".AspNetCore.Cookies");
context.Response.Cookies.Delete(".AspNetCore.Identity.Application");
context.Response.Cookies.Delete("Cookies");
//context.Response.Redirect("/");
}
}
public static void AddAuthProviders(this IServiceCollection services, string appId, string password)
{
services.AddAuthentication(auth =>
{
auth.DefaultChallengeScheme = MicrosoftAccountDefaults.AuthenticationScheme;
auth.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
auth.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
})
.AddCookie()
.AddMicrosoftAccount(options =>
{
options.ClientId = appId;
options.ClientSecret = password;
options.Events = new Microsoft.AspNetCore.Authentication.OAuth.OAuthEvents
{
OnRemoteFailure = OnAuthenticationFailed
};
});
}
当我手动删除cookie(在浏览器中清除cookie)然后读出来时,它正在工作。我尝试使用MicrosoftLogout方法中的代码,最初它只是
等待context.SignOutAsync();
注销前删除cookie也无济于事。
[HttpGet]
public async Task Logout()
{
foreach (var cookieKey in Request.Cookies.Keys)
{
Response.Cookies.Delete(cookieKey);
}
await HttpContext.MicrosoftLogout();
}