我有一个ASP.NET Core 2.1 MVC应用程序,并且正在尝试使用Azure AD进行身份验证。该应用程序重定向到Microsoft登录页面,但是当我注销然后返回到该应用程序的主页时,它会自动重新登录。
我曾尝试致电https://login.microsoftonline.com/common/oauth2/v2.0/logout并清除cookie,但无济于事。
public void ConfigureServices(IServiceCollection services)
{
services.Configure<CookiePolicyOptions>(options =>
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
.AddAzureAD(options => Configuration.Bind("AzureAd", options));
services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options =>
{
options.Authority = options.Authority + "/v2.0/";
options.TokenValidationParameters.ValidateIssuer = false;
options.Events.OnRedirectToIdentityProviderForSignOut = async context =>
{
var h = new HttpClient();
var r = await h.GetAsync($"https://login.microsoftonline.com/common/oauth2/v2.0/logout?post_logout_redirect_uri=https%3A%2F%2Flocalhost%2%3A5001%2F");
foreach (var cookie in context.Request.Cookies.Keys)
{ …