Adal JS-仅注销一个AD网站 [英] Adal JS - Logout of just one AD site

问题描述

我正在使用ADAL JS制作SPA。调用adalService.logOut（）之后，将用户正确重定向到Microsoft oauth注销URL，并且注销发生的很好。但是，该用户已从所有Microsoft 365站点和所有其他使用ADAL的站点中注销。

I'm working on a SPA that is utilizing ADAL JS. After calling adalService.logOut(), the user is properly redirected to the microsoft oauth logout URL and logout happens just fine. However, the user is logged out of all Microsoft 365 sites and all other sites utilizing ADAL.

是否有一种方法只能将用户从该站点注销？

Is there a way to only the log the user out of this one site?

推荐答案

不幸的是，ADAL JS库的工作方式正如您所描述的。调用注销函数时，它将清除整个缓存。根据Wiki：
https： //github.com/AzureAD/azure-activedirectory-library-for-js/wiki/Login-methods#logout

Unfortunately, the way the ADAL JS library works is just as you described. When the logout function is called it clears the entire cache. Per the Wiki : https://github.com/AzureAD/azure-activedirectory-library-for-js/wiki/Login-methods#logout

注销
调用logout方法时，库将清除浏览器存储中的
应用程序缓存，并将注销请求发送到Azure AD实例的注销端点
。

Logout When the logout method is called, the library clears the application cache in the browser storage and sends a logout request to the Azure AD instance's logout endpoint.

authContext.logOut（）;默认行为是注销后将用户重定向到
window.location.href。如果postLogoutRedirectUri值是在配置时设置的
，则用户将被重定向到该URI。

authContext.logOut(); The default behavior is to redirect the user to window.location.href after logout. If a postLogoutRedirectUri value is set at the config time, the user will be redirected to that URI.

手动注销的方式。也就是说，您自己浏览一下缓存，然后删除要删除的信息。这将以某种方式注销用户，因为您已经删除了对令牌的访问。

The only other way to logout manually. That would be, look through the cache yourself, and delete the information you're interested in deleting there. This would in a way "logout" the user, since you have removed access to the token.

每个Wiki的配置Auth Context https://github.com/AzureAD/azure-activedirectory-library-for-js/wiki/Config-authentication-context ：

Per the wiki's config Auth Context https://github.com/AzureAD/azure-activedirectory-library-for-js/wiki/Config-authentication-context:

cacheLocation-ADAL将令牌存储在浏览器存储中，
默认为'sessionStorage'。您可以将其设置为
'localStorage'或'sessionStorage'。

cacheLocation - ADAL caches tokens in the browser storage which defaults to 'sessionStorage'. You can set this to either 'localStorage' or 'sessionStorage'.

window.config = {
    clientId: 'g075edef-0efa-453b-997b-de1337c29185',
    cacheLocation: 'localStorage' // Default is sessionStorage
}; Tokens are accessible from JavaScript since ADAL.JS is using HTML5 browser storage. It is recommended to prompt users to login

再次执行应用中的重要操作。您还应该为您的网站保护
的XSS。请在此处查看文章：
https：//www.owasp。 org / index.php / XSS_（Cross_Site_Scripting）_Prevention_Cheat_Sheet

again for important operations in your app. You should also protect your site for XSS. Please check the article here: https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet

您可以在此处阅读有关其他可配置选项
的更多详细信息。

You can read further details about the other configurable options here.

有关访问本地存储的更多信息，您可以在此处阅读： https://blog.logrocket.com/the-complete-guide-to-using-localstorage- in-javascript-apps-ba44edb53a36

And for more information on accessing local storage, you can read up on it here : https://blog.logrocket.com/the-complete-guide-to-using-localstorage-in-javascript-apps-ba44edb53a36

您可以在此处找到用于存储的MDN Web文档： https://developer.mozilla.org/en-US/docs/Web/API/Storage

And the MDN Web doc for storage can be found here : https://developer.mozilla.org/en-US/docs/Web/API/Storage

这篇关于Adal JS-仅注销一个AD网站的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！