How to exit OAuth 2.0 Windows Azure Active Directory authentication

We use OAuth 2.0 to authenticate against Windows Azure Active Directory, where authentication is performed at https://login.microsoftonline.com/login.srf?wa=wsignin1.0&wtrealm= ...... and after successful authentication we are redirected to our website. To access the site, we delete all cookies generated on our site and redirect again to the login.microsoftonline.com/login.srf?wa=wsignin1.0&wtrealm = ....... URL, but this time we don't get a credential screen for logging in and are redirected to our website with an access token. What process is required to exit the system? Because if we delete all cookies or close the browser and restart the site and redirect us to login.microsoftonline.com/login.srf?wa=wsignin1.0&wtrealm = ........ URL.

We use the following code for the exit process:

    [NoCacheAttribute]
    public ActionResult LogOut()
    {
        // This function deletes all the data members of the UserCookieWrapper class
        UserCookieWrapper.delete_UserCookieWrapper();

        // Enumerates the cookie folder of the account the code runs under
        string[] theCookies = System.IO.Directory.GetFiles(
            Environment.GetFolderPath(Environment.SpecialFolder.Cookies));
        foreach (string currentFile in theCookies)
        {
            try
            {
                System.IO.File.Delete(currentFile);
            }
            catch (Exception objEx) { } // deletion failures are ignored
        }
        Response.Clear();
        return RedirectToAction("Index", "Login");
    }
1 answer

Clearing the cookies you created won't help you because the user is still signed in with Azure AD. This means that Web-SSO (Single-Sign-On) is running. Regardless of the protocol that you use to authenticate with Azure AD, you still need to properly implement Sign Out - the combined exit! This applies to any web provider you find on the Internet - Google, Facebook, LinkedIn, Twitter, you name it.

, , . ( AAD), , !

, Azure Active Directory. " ". :

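    // Requires: using System.IdentityModel.Services;
    //           using System.IdentityModel.Services.Configuration;
    public void SignOut()
    {
        // WS-Federation settings (issuer, realm) configured for the application
        WsFederationConfiguration fc =
            FederatedAuthentication.FederationConfiguration.WsFederationConfiguration;

        // Strip the last 7 characters of the current URL to get the reply address
        string request = System.Web.HttpContext.Current.Request.Url.ToString();
        string wreply = request.Substring(0, request.Length - 7);

        // Sign-out request addressed to the issuer, returning to wreply afterwards
        SignOutRequestMessage soMessage =
            new SignOutRequestMessage(new Uri(fc.Issuer), wreply);
        soMessage.SetParameter("wtrealm", fc.Realm);

        // Clear the local session first, then send the browser to the issuer
        FederatedAuthentication.SessionAuthenticationModule.SignOut();
        Response.Redirect(soMessage.WriteQueryString());
    }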

( ), , .

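An added example, not part of the original answer: the issuer-side sign-out request written out by hand, to show what the browser must be sent to the identity provider with (`wa=wsignout1.0` plus `wreply` and `wtrealm`). It builds `wreply` from a configured base URL and a validated app-relative path. The class name, parameters and the `example.test` values are assumptions made for illustration.

```csharp
using System;

public static class WsFedSignOut
{
    // issuer:      STS endpoint the sign-in request was sent to
    // realm:       the wtrealm value used at sign-in
    // appBase:     the site's own base URL, taken from configuration (assumption)
    // landingPath: app-relative page to show after sign-out
    public static string BuildUrl(Uri issuer, string realm, Uri appBase, string landingPath)
    {
        if (issuer == null || !issuer.IsAbsoluteUri || issuer.Scheme != Uri.UriSchemeHttps)
            throw new ArgumentException("issuer must be an absolute https URL", "issuer");
        if (appBase == null || !appBase.IsAbsoluteUri)
            throw new ArgumentException("appBase must be an absolute URL", "appBase");
        if (string.IsNullOrEmpty(realm))
            throw new ArgumentException("realm is required", "realm");

        // Accept only a plain app-relative path, so wreply cannot be steered
        // to another host ("//host", "/\host" or an absolute URL).
        if (string.IsNullOrEmpty(landingPath) || landingPath[0] != '/' ||
            landingPath.StartsWith("//") || landingPath.Contains("\\"))
            throw new ArgumentException("landingPath must be app-relative", "landingPath");

        Uri wreply = new Uri(appBase, landingPath);
        if (wreply.Host != appBase.Host)
            throw new ArgumentException("wreply left the application host", "landingPath");

        // WS-Federation passive sign-out: the action is wsignout1.0, and the
        // issuer sends the browser back to wreply once its own session is gone.
        string query = "wa=wsignout1.0"
                     + "&wreply=" + Uri.EscapeDataString(wreply.AbsoluteUri)
                     + "&wtrealm=" + Uri.EscapeDataString(realm);
        return new UriBuilder(issuer) { Query = query }.Uri.AbsoluteUri;
    }

    public static void Main()
    {
        // Constructed sample values, not taken from the page.
        string url = BuildUrl(new Uri("https://sts.example.test/wsfed"),
                              "https://app.example.test/",
                              new Uri("https://app.example.test/"),
                              "/Login/Index");
        Console.WriteLine(url);
        // The local session cookie still has to be cleared before redirecting
        // to this URL, as the SignOut() call in the answer does.
    }
}
```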

Source: https://habr.com/ru/post/1502750/