CODEWITHSUNDEEP
c#asp.net-coreazure-active-directoryasp.net-core-mvcasp.net-core-2.2
Master_T
Master_T

Reputation: 7987

Redirect after signout not working in Asp.net Core 2

I'm using Asp.net Core 2.2 with AzureAD authentication. It works correctly, but now I'm having trouble trying to implement a log-out url.

I tried the following in my controller:

[HttpGet("[action]")]
public IActionResult SignOut()
{
    return SignOut(new AuthenticationProperties { RedirectUri = Url.Action(nameof(AfterSignOut)) }, AzureADDefaults.AuthenticationScheme);
}

[HttpGet("[action]")]
[AllowAnonymous]
public IActionResult AfterSignOut()
{
    return Ok("It's working!");
}

When I go with the browser to https://mySite/myController/SignOut the log-out operation works correctly (my user gets signed out, and the next time I go to a page I have to sign-in again)

Hhowever, the problem is that I am not redirected to the https://mySite/myController/AfterSignOut url, as specified in the AuthenticationProperties. What happens instead is that /SignOut just returns HTTP code 200 and that's it, it doesn't redirect me anywhere.

What am I doing wrong here?

Upvotes: 2

Views: 6938

Answers (2)

Nan Yu
Nan Yu

Reputation: 27588

You can try below solutions if using Microsoft.AspNetCore.Authentication.AzureAD.UI and use authentication like :

services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
    .AddAzureAD(options => Configuration.Bind("AzureAd", options));

Method 1:

Create Account controller and write your own Sign Out action :

public readonly IOptionsMonitor<AzureADOptions> Options;
public AccountController(IOptionsMonitor<AzureADOptions> options)
{
    Options = options;
}
public IActionResult SignOut()
{
    var options = Options.Get(AzureADDefaults.AuthenticationScheme);
    var callbackUrl = Url.Action(nameof(AfterSignOut), "Account", values: null, protocol: Request.Scheme);
    return SignOut(
        new AuthenticationProperties { RedirectUri = callbackUrl },
        options.CookieSchemeName,
        options.OpenIdConnectSchemeName);
}

Method 2 :

Use exist Sign Out function from library , set your new redirect url in OnSignedOutCallbackRedirect event :

services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
    .AddAzureAD(options => Configuration.Bind("AzureAd", options));

services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
        .AddAzureAD(options => Configuration.Bind("AzureAd", options));
services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options =>
{

    options.Events.OnSignedOutCallbackRedirect = (context) =>
    {

        context.Response.Redirect("/Account/AfterSignOut");
        context.HandleResponse();

        return Task.CompletedTask;
    };
});

And in the page you want to perform sign out add a link :

<a href="~/AzureAD/Account/SignOut">SignOut</a>

Method 3 :

Use custom URL Rewriting Middleware to redirect by checking the path , put below codes before app.UseMvc:

app.UseRewriter(
    new RewriteOptions().Add(
        context => { if (context.HttpContext.Request.Path == "/AzureAD/Account/SignedOut")
            { context.HttpContext.Response.Redirect("/Account/AfterSignOut"); }
        })
);

Also with link : <a href="~/AzureAD/Account/SignOut">SignOut</a>

Upvotes: 5

Bradley Petersen
Bradley Petersen

Reputation: 155

Try removing IActionResult and making it Void

public void SignOut()
{
    return SignOut(new AuthenticationProperties { RedirectUri = Url.Action(nameof(AfterSignOut)) }, AzureADDefaults.AuthenticationScheme);
}

OR

public async Task SignOut() // Not sure if it has a signout async method but use this if it does
    {
        return await SignOutAsync(new AuthenticationProperties { RedirectUri = Url.Action(nameof(AfterSignOut)) }, AzureADDefaults.AuthenticationScheme);
    }

Upvotes: -2

Related Questions