在.NET Core中使用Azure AD身份验证时如何指定自定义注销URL [英] How to specify custom logout URL when using Azure AD authentication in .NET core
问题描述
我有一个使用工作或学校帐户(Azure AD身份验证)的ASP.NET core 2.2 Web应用程序.当我退出时,应用程序最终显示在
I have an ASP.NET core 2.2 web application that uses work or school accounts (Azure AD authentication). When I sign out, the application ends up at
/AzureAD/帐户/已注销
/AzureAD/Account/SignedOut
我希望它使用在应用程序注册中指定的注销URL重定向回到首页.参见下面的屏幕截图.在此处指定注销URL时,Azure AD实际上会调用该页面(以清除会话数据),但是最终它最终在/AzureAD/Account/SignedOut位置结束.我在其他任何地方都看不到要指定注销URL的等效项.这是使用Azure AD身份验证时Visual Studio生成的退出按钮的代码.
I'd like for it to redirect back to the home page using the Logout URL specified in the application registration. See below for screenshot. When specifying a logout URL here, Azure AD does in fact call that page (to clear session data), but then it finally ends up at the /AzureAD/Account/SignedOut location. I don't see anywhere else to specify the equivalent of a logout URL. Here is the code for the sign out button as generated by Visual Studio when using Azure AD authentication.
<a asp-area="AzureAD" asp-controller="Account" asp-action="SignOut">Sign out</a>
我还尝试过将重定向直接添加到操作中.
I've also tried adding the redirect directly onto the action.
<a asp-area="AzureAD" asp-controller="Account" asp-route-post_logout_redirect_uri="https://localhost:44381" asp-action="SignOut">Sign out</a>
推荐答案
The issue happens because the embeded AccountController.cs in ASP.NET core returns to the URL you mentioned:
[HttpGet("{scheme?}")]
public IActionResult SignOut([FromRoute] string scheme)
{
scheme = scheme ?? AzureADDefaults.AuthenticationScheme;
var options = Options.Get(scheme);
var callbackUrl = Url.Page("/Account/SignedOut", pageHandler: null, values: null, protocol: Request.Scheme);
return SignOut(
new AuthenticationProperties { RedirectUri = callbackUrl },
options.CookieSchemeName,
options.OpenIdConnectSchemeName);
}
一种解决方法是构建您自己的AccountController,而不使用ASP.NET CORE随附的默认控制器,如下所示:
A workaround is to build you own AccountController instead of using the default one shipped with ASP.NET CORE, like below:
public class AccountController : Controller
{
[HttpGet]
public IActionResult SignIn()
{
var redirectUrl = Url.Action(nameof(HomeController.Index), "Home");
return Challenge(
new AuthenticationProperties { RedirectUri = redirectUrl },
OpenIdConnectDefaults.AuthenticationScheme);
}
[HttpGet]
public IActionResult SignOut()
{
var callbackUrl = Url.Action(nameof(SignedOut), "Account", values: null, protocol: Request.Scheme);
return SignOut(
new AuthenticationProperties { RedirectUri = callbackUrl },
CookieAuthenticationDefaults.AuthenticationScheme,
OpenIdConnectDefaults.AuthenticationScheme);
}
[HttpGet]
public IActionResult SignedOut()
{
if (User.Identity.IsAuthenticated)
{
// Redirect to home page if the user is authenticated.
return RedirectToAction(nameof(HomeController.Index), "Home");
}
return RedirectToAction(nameof(HomeController.Index), "ThePathYouWant");
}
[HttpGet]
public IActionResult AccessDenied()
{
return View();
}
}
这篇关于在.NET Core中使用Azure AD身份验证时如何指定自定义注销URL的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!