Azure AD注销

Question

我喜欢从天蓝色广告b2c注销我的webapp。我尝试了下面的示例https://www.janaks.com.np/azure-ad-identity-provider-in-aspnet-core-application/。

if (HttpContext.User.Identity.IsAuthenticated) 
{ 
    await HttpContext.Authentication.SignOutAsync(OpenIdConnectDefaults.AuthenticationScheme); 
    await HttpContext.Authentication.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme); 
} 

随着在Startup.cs以下配置：

app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions 
{ 
    AuthenticationScheme = settings.SignInPolicyId, 
    AutomaticChallenge = true, 
    CallbackPath = settings.SignInCallbackPath, 
    ClientId = settings.ClientId, 
    MetadataAddress = string.Format(settings.AadInstance, settings.Tenant, settings.SignInPolicyId), 
    PostLogoutRedirectUri = settings.RedirectUri, 
    TokenValidationParameters = new TokenValidationParameters 
    { 
     NameClaimType = "name" 
    }, 
    AutomaticAuthenticate = true, 
    Scope = { "openid" }, 
    ResponseType = "id_token", 
    GetClaimsFromUserInfoEndpoint = true 
}); 

但是当我尝试从以下异常webapp的退出会抛出：

InvalidOperationException: No authentication handler is configured to handle the scheme: OpenIdConnect 

感谢您的帮助。

Answer 1

您必须确定您所设置的认证方案：

if (HttpContext.User.Identity.IsAuthenticated) 
{ 
    await HttpContext.Authentication.SignOutAsync(settings.SignInPolicyId); 
    await HttpContext.Authentication.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme); 
} 

你会以某种方式必须得到政策ID这个控制器并用它来确定适当的中间件。

Answer 2

接受的答案适用于验证1，但在验证2中该方法折旧，因此请使用扩展方法。

await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme); 

参考：https://github.com/aspnet/Announcements/issues/232