使用Microsoft身份验证库(MSAL)时注销不起作用 [英] Logout does not work when using Microsoft Authentication Library (MSAL)
问题描述
我有一个Xamarin.Forms iOS/Android应用程序,必须根据Microsoft Azure B2C AD对用户进行身份验证.
I have a Xamarin.Forms iOS/Android app and have to authenticate the user against a Microsoft Azure B2C AD.
我已经添加了Microsoft.Identity.Client NuGet并将其用于身份验证.
I have added the Microsoft.Identity.Client NuGet and using this for authentication.
登录工作正常,我可以使用返回的令牌来调用我们自己的Azure托管服务.
Login works fine and I am able to use the returned token to call an Azure hosted service of our own.
问题在于,当我尝试注销用户时,它无法按预期工作.
The trouble is that when I try to logout the user it does not work as expected.
如果用户注销并在杀死该应用后立即退出,则下次启动该应用时,将按预期显示登录屏幕.
If the user logs out and immediately after kills the app, the next time the app is started the login screen is presented as expected.
要杀死iOS上的应用程序,请双击主屏幕按钮并向上滑动以转到应用程序切换器.
To kill the app on iOS I go to app-switcher with double click home button and the swipe up.
但是,如果用户没有杀死该应用程序,而是按下了我的登录按钮(触发了对AcquireTokenAsync()的调用),则Microsoft.Identity.Client不会显示登录屏幕,而是会立即返回一个有效的令牌并该应用程序可以使用此令牌进行服务调用,即它是有效的令牌.
But if the user does NOT kill the app, but instead presses my login button (triggers a call to AcquireTokenAsync()) the sign in screen is NOT presented by Microsoft.Identity.Client but instead a valid token is immediately returned and the app is able to use this token for service calls, i.e. it is a valid token.
下次启动该应用程序时,令牌不再存在,并且出现登录屏幕.
Next time the app is launched the token is no longer there and the login screen appear.
奇怪的是,当我从 GitHub/active运行示例时-directory-b2c-xamarin-native 我看到了相同的行为.因此,我怀疑这是Microsoft的MSAL组件中的错误.
The strange this is that when I run the sample from GitHub/active-directory-b2c-xamarin-native I see the same behaviour. So I suspect it is a bug in the MSAL component from Microsoft.
根据示例注销,只需调用即可完成
According to the sample logout should simply be done with calling
PublicClientApplication.UserTokenCache.Clear(PublicClientApplication.ClientId);
我也尝试添加
foreach (var user in PublicClientApplication.Users)
{
user.SignOut();
}
没有任何改变.
有什么建议吗?
推荐答案
之所以发生这种情况,是因为该服务不支持某些会导致用户退出的功能.这项工作仍在进行中.
This is happening because the service does not support certain features that would result in a user sign out. This is still a work in progress.
这篇关于使用Microsoft身份验证库(MSAL)时注销不起作用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
