使用 ADAL 库的 Azure Active Directory 注销 [英] Azure Active Directory Logout with ADAL library
问题描述
我使用 Azure Active Directory 来保护我的 Web API,并在 Azure 管理门户中创建了一个本机应用程序.这个本机应用程序基本上是一个 MVC Web 应用程序,我使用 ADAL 库来获取令牌并使用该令牌调用 api.我用来获取令牌的代码如下所示:
I used the my Azure Active Directory to protect my web API and I create a native application in the Azure management portal. This native application is basically a MVC web application and I use the ADAL library to get the token and call the api with that token. The code I used to get the token is shown below:
AuthenticationContext ac = new AuthenticationContext(authority);
AuthenticationResult ar = ac.AcquireToken(resourceID, clientID, redirectURI);
string accessToken = ar.AccessToken;
现在我需要注销并切换到另一个用户,但系统会以某种方式记住用户凭据.我清除身份验证上下文中的令牌缓存并按如下方式发布注销 api 请求,其中 *** 是我的租户 ID.
Now I need to logout and switch to another user but somehow the user credentials are remembered by the system. I clear the token cache in the authentication context and post logout api request as follows where *** is my tenant ID.
//Log out after api call
ac.TokenCache.Clear();
string requestUrl = "https://login.windows.net/***/oauth2/logout";
var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Get, requestUrl);
var response = await client.SendAsync(request);
api调用成功,但注销无效.我应该怎么做才能注销并切换到另一个用户?
The api call succeeds but the logout doesn't work. What should I do to logout and switch to another user?
推荐答案
我认为这行不通.您需要将用户重定向到注销 URL 才能注销.
I don't think this would work. You would need to redirect the user to logout URL for logout to work.
创建注销 URI 的方法如下:
Here's how you can create a logout URI:
https://login.microsoftonline.com/{0}/oauth2/logout?post_logout_redirect_uri={1}
地点:
- {0} - Azure Active Directory 的完全限定名称,例如yourad.onmicrosoft.com 或租户 ID.
- {1} - 用户在注销完成后必须重定向回的应用程序的 URL.这应该是正确的 URL 编码.
- {0} - Fully qualified name of your Azure Active Directory e.g. yourad.onmicrosoft.com or tenant id.
- {1} - The URL of your application where a user must be redirected back after the logout is complete. This should be properly URL encoded.
这篇关于使用 ADAL 库的 Azure Active Directory 注销的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
