I'm build an ASP.Net Core page with MicrosoftIdentity login/logout.
My _LoginPartial looks like this:
- If the user is not signed in, it shows a "Sign in" item
- If the user is signed in, it shows their initials with a dropdown, then their name, email, Sign Out and Switch Accounts buttons
@using System.Security.Principal
@using System.Security.Claims;
<ul class="navbar-nav">
@if (User.Identity?.IsAuthenticated == true)
{
<li class="nav-item dropdown">
<a class="nav-link dropdown-toggle" href="#" id="navbarDarkDropdownMenuLink" role="button" data-bs-toggle="dropdown" aria-expanded="false">
@string.Concat((User.Claims.FirstOrDefault(c => c.Type == "name")?.Value ?? "")
.Split(new[] { ' ' }, StringSplitOptions.RemoveEmptyEntries)
.Where(x => x.Length >= 1 && char.IsLetter(x[0]))
.Select(x => char.ToUpper(x[0])))
</a>
<div class="dropdown-menu dropdown-menu-right" aria-labelledby="navbarDarkDropdownMenuLink">
<div class="dropdown-item-text"><b>@User.Claims.FirstOrDefault(c => c.Type == "name")?.Value</b></div>
<div class="dropdown-item-text">@User.Claims.FirstOrDefault(c => c.Type == "preferred_username")?.Value</div>
<div class="dropdown-divider"></div>
<a class="nav-link text-dark" asp-area="MicrosoftIdentity" asp-controller="Account" asp-action="SignOut" asp-route-postLogoutRedirectUri=@ViewContext.HttpContext.Request.Path>Sign out</a>
<a class="nav-link text-dark" asp-area="MicrosoftIdentity" asp-controller="Account" asp-action="SignIn" [email protected]>Switch Account</a>
</div>
</li>
}
else
{
<li class="nav-item">
<a class="nav-link" asp-area="MicrosoftIdentity" asp-controller="Account" asp-action="SignIn" [email protected]>Sign in</a>
</li>
}
</ul>
The "Switch Account" was achieved by adding "Prompt": "select_account" to my appconfig AzureAd section and works great.
The asp-route-redirectUri parameters work great for the "Sign in" and "Switch Account" actions, but they don't seem to be used by Sign Out. I've tried with asp-route-redirectUri and asp-route-postLogoutRedirectUri but neither work. Is there a different name for a post-logout redirect?
I've tried using the Rewriter, which works if I'm redirecting to a specific page:
app.UseRewriter(
new RewriteOptions().Add(context =>
{
if (context.HttpContext.Request.Path == "/MicrosoftIdentity/Account/SignedOut")
{
context.HttpContext.Response.Redirect("/Home/Index");
}
}));
But at the point that's invoked, I can't find anything in the context to tell me where it originally came from (and hence to redirect back to).
So, what can I add to the original link anchor:
<a class="nav-link text-dark"
asp-area="MicrosoftIdentity"
asp-controller="Account"
asp-action="SignOut"
asp-route-postLogoutRedirectUri=@ViewContext.HttpContext.Request.Path
>
Sign out
</a>
that will show up in the final post-logout context, that I can use to decide where to redirect to (i.e. staying on the original page)?
Or is there a simpler way for me to have a "Sign out" button on my page that returns to the same page after the log out flow has completed?