Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement SignOut #32

Merged
merged 4 commits into from
Dec 10, 2018
Merged

Implement SignOut #32

merged 4 commits into from
Dec 10, 2018

Conversation

jmprieur
Copy link
Contributor

Purpose

Does this introduce a breaking change?

[ ] Yes
[x ] No

Pull Request Type

What kind of change does this Pull Request introduce?

[ x] Bugfix (#30)
[x ] Feature (Handles sign-out by removing the account from the cache)
[ ] Code style update (formatting, local variables)
[ x] Refactoring (no functional changes, no api changes) - in ClaimsPrincipalExtensions
[ ] Documentation content changes
[ ] Other... Please describe:

How to Test

  • Get the code
git clone [repo-address]
cd [repo-name]
git checkout [branch-name]
npm install
  • Test the code
    Follow the readme.

What to Check

Checks that the sample works fine with guest accounts when tenantId is a GUID in appsettings.json

Other Information

jmprieur
jmprieur commented Dec 10, 2018
View reviewed changes
Extensions/ClaimPrincipalExtension.cs
@@ -11,28 +11,94 @@ public static class ClaimsPrincipalExtension
/// <param name="claimsPrincipal">Claims principal</param>
/// <returns>A string corresponding to an account identifier as defined in <see cref="Microsoft.Identity.Client.AccountId.Identifier"/></returns>
public static string GetMsalAccountId(this ClaimsPrincipal claimsPrincipal)
{
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

NB
In single tenant scenarios, for a guest account, the ClaimsPrincipal does not contain enough information to compute the account id as the tenant id is the guest tenant (where the gest account was invited), and the oid is the guest oid. We'd need, for the Web scenario to also surface the guest AccountId

jmprieur
jmprieur commented Dec 10, 2018
View reviewed changes
Extensions/TokenAcquisition.cs
var account = await app.GetAccountAsync(context.HttpContext.User.GetMsalAccountId());

// Workaround for the guest account
if (account == null)
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note what needs to be done for guest accounts in single tenant apps (tenantId is a GUID or domain in appsettings.json and user logs-in with a guest account)

jmprieur
jmprieur commented Dec 10, 2018
View reviewed changes
Extensions/TokenAcquisition.cs
IAccount account = await application.GetAccountAsync(accountIdentifier);

// Special case for guest users as the Guest iod / tenant id are not surfaced.
if (account == null)
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same thing.
Special processing for guest users in single tenant appps.

@jmprieur
Copy link
Contributor Author

@henrik-me @bgavrilMS
Merging (to unblock a customer)
but will raise issues against MSAL.NET

@jmprieur jmprieur merged commit c77a270 into aspnetcore2-2-signInAndCallGraph Dec 10, 2018
@jmprieur jmprieur deleted the jmprieur/addSignOut branch January 8, 2019 05:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bgavrilMS bgavrilMS Awaiting requested review from bgavrilMS

@henrik-me henrik-me Awaiting requested review from henrik-me

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@jmprieur