AccountController and SignOut method when using Microsoft.Identity.Web.UI

Chuck Lu / 2023-08-03 / 原文

The signout html code located at

  <li class="nav-item">
            <a class="nav-link text-dark" asp-area="MicrosoftIdentity" asp-controller="Account" asp-action="SignOut">Sign out</a>
        </li>

https://nuget.info/packages/Microsoft.Identity.Web.UI/2.12.4

Repository:

Type:

git

Url:https://github.com/AzureAD/microsoft-identity-web

Commit:

cd25e21816251470e78572821542e161878f0ab3

microsoft-identity-web/src/Microsoft.Identity.Web.UI/Areas/MicrosoftIdentity/Controllers/AccountController.cs at cd25e21816251470e78572821542e161878f0ab3 · AzureAD/microsoft-identity-web (github.com)

/// <summary>
        /// Handles the user sign-out.
        /// </summary>
        /// <param name="scheme">Authentication scheme.</param>
        /// <returns>Sign out result.</returns>
        [HttpGet("{scheme?}")]
        public IActionResult SignOut(
            [FromRoute] string scheme)
        {
            if (AppServicesAuthenticationInformation.IsAppServicesAadAuthenticationEnabled)
            {
                if (AppServicesAuthenticationInformation.LogoutUrl != null)
                {
                    return LocalRedirect(AppServicesAuthenticationInformation.LogoutUrl);
                }
                return Ok();
            }
            else
            {
                scheme ??= OpenIdConnectDefaults.AuthenticationScheme;
                var callbackUrl = Url.Page("/Account/SignedOut", pageHandler: null, values: null, protocol: Request.Scheme);
                return SignOut(
                     new AuthenticationProperties
                     {
                         RedirectUri = callbackUrl,
                     },
                     CookieAuthenticationDefaults.AuthenticationScheme,
                     scheme);
            }
        }

// C:\Users\clu\.nuget\packages\microsoft.identity.web.ui\2.12.4\lib\net5.0\Microsoft.Identity.Web.UI.dll

dnSpy反编译出来的源码

	/// <summary>
		/// Handles user sign in.
		/// </summary>
		/// <param name="scheme">Authentication scheme.</param>
		/// <param name="redirectUri">Redirect URI.</param>
		/// <returns>Challenge generating a redirect to Azure AD to sign in the user.</returns>
		// Token: 0x06000013 RID: 19 RVA: 0x0000221C File Offset: 0x0000041C
		[HttpGet("{scheme?}")]
		public IActionResult SignIn([FromRoute] string scheme, [FromQuery] string redirectUri)
		{
			if (scheme == null)
			{
				scheme = "OpenIdConnect";
			}
			string redirectUri2;
			if (!string.IsNullOrEmpty(redirectUri) && base.Url.IsLocalUrl(redirectUri))
			{
				redirectUri2 = redirectUri;
			}
			else
			{
				redirectUri2 = base.Url.Content("~/");
			}
			return this.Challenge(new AuthenticationProperties
			{
				RedirectUri = redirectUri2
			}, new string[]
			{
				scheme
			});
		}

		/// <summary>
		/// Challenges the user.
		/// </summary>
		/// <param name="redirectUri">Redirect URI.</param>
		/// <param name="scope">Scopes to request.</param>
		/// <param name="loginHint">Login hint.</param>
		/// <param name="domainHint">Domain hint.</param>
		/// <param name="claims">Claims.</param>
		/// <param name="policy">AAD B2C policy.</param>
		/// <param name="scheme">Authentication scheme.</param>
		/// <returns>Challenge generating a redirect to Azure AD to sign in the user.</returns>
		// Token: 0x06000014 RID: 20 RVA: 0x0000227C File Offset: 0x0000047C
		[HttpGet("{scheme?}")]
		public IActionResult Challenge(string redirectUri, string scope, string loginHint, string domainHint, string claims, string policy, [FromRoute] string scheme)
		{
			if (scheme == null)
			{
				scheme = "OpenIdConnect";
			}
			Dictionary<string, string> dictionary = new Dictionary<string, string>();
			dictionary.Add("claims", claims);
			dictionary.Add("policy", policy);
			Dictionary<string, object> parameters = new Dictionary<string, object>
			{
				{
					"login_hint",
					loginHint
				},
				{
					"domain_hint",
					domainHint
				}
			};
			OAuthChallengeProperties oauthChallengeProperties = new OAuthChallengeProperties(dictionary, parameters);
			if (scope != null)
			{
				oauthChallengeProperties.Scope = scope.Split(" ", StringSplitOptions.None);
			}
			oauthChallengeProperties.RedirectUri = redirectUri;
			return this.Challenge(oauthChallengeProperties, new string[]
			{
				scheme
			});
		}

		/// <summary>
		/// Handles the user sign-out.
		/// </summary>
		/// <param name="scheme">Authentication scheme.</param>
		/// <returns>Sign out result.</returns>
		// Token: 0x06000015 RID: 21 RVA: 0x00002308 File Offset: 0x00000508
		[HttpGet("{scheme?}")]
		public IActionResult SignOut([FromRoute] string scheme)
		{
			if (!AppServicesAuthenticationInformation.IsAppServicesAadAuthenticationEnabled)
			{
				if (scheme == null)
				{
					scheme = "OpenIdConnect";
				}
				string redirectUri = base.Url.Page("/Account/SignedOut", null, null, base.Request.Scheme);
				return this.SignOut(new AuthenticationProperties
				{
					RedirectUri = redirectUri
				}, new string[]
				{
					"Cookies",
					scheme
				});
			}
			if (AppServicesAuthenticationInformation.LogoutUrl != null)
			{
				return this.LocalRedirect(AppServicesAuthenticationInformation.LogoutUrl);
			}
			return this.Ok();
		}