SignOut from OpenID/AzureAD using OWIN causes invalid redirect
See original GitHub issueButton with following handler supposed to logout from Azure AD authenticated application.
<dot:Button Click="{command: Logout()}" Text="Logout" />
public void Logout()
{
this.Context.GetOwinContext().Authentication.SignOut(
OpenIdConnectAuthenticationDefaults.AuthenticationType, CookieAuthenticationDefaults.AuthenticationType);
}
It causes error: DotVVM Debugger: Error XmlHttpRequest failed, maybe internet connection is lost or url is malformed
The redirect URL to (https://login.microsoftonline.com/xxx-xxx-xxx-xxx/oauth2/logout) seems to be sent (judging from the F12 console), but the redirect ends with error.
Issue Analytics
- State:
- Created 6 years ago
- Comments:6 (3 by maintainers)
Top Results From Across the Web
OWIN OpenId Authentication - Active Session after logout
I am trying to fix a security flaw where the session is not invalidating even after logout. Middleware Implementation: app.
Read more >Cannot logout from OWIN external identity provider via PKCE
One attempt with the below code to logout. The redirect after logout causes an infinite loop of redirects. The login page never displays....
Read more >Logout Redirect Page - Questions
Logout redirect causes this error: {“errorCode”:“invalid_client”,“errorSummary”:“Invalid value for 'client_id' parameter.
Read more >Invalid redirect uri but redirect uri are configured in client
Hi! I'm configuring a client for SSO in Google Workspace using Keycloak as IDP. Everything is working fine with the exception of logout....
Read more >ASP.NET (OWIN): Login
Configure Callback URLs. The Callback URL of your application is the URL where Auth0 will redirect to after the user has authenticated in...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
The sample app is here: https://github.com/riganti/dotvvm-samples-azuread-auth
I am closing the issue. Feel free to reopen this one, or create another one if you hit into any issues.
It is strange - I have received an e-mail notification about a comment, but I cannot see it here.
Here is the comment:
My reply:
The
Context
is always null in the constructor. It is set in the framework right after the constructor is called. Override theInit
method and set theTitle
property there.