-
Notifications
You must be signed in to change notification settings - Fork 969
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement SignOut #32
Implement SignOut #32
Conversation
@@ -11,28 +11,94 @@ public static class ClaimsPrincipalExtension | |||
/// <param name="claimsPrincipal">Claims principal</param> | |||
/// <returns>A string corresponding to an account identifier as defined in <see cref="Microsoft.Identity.Client.AccountId.Identifier"/></returns> | |||
public static string GetMsalAccountId(this ClaimsPrincipal claimsPrincipal) | |||
{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
NB
In single tenant scenarios, for a guest account, the ClaimsPrincipal does not contain enough information to compute the account id as the tenant id is the guest tenant (where the gest account was invited), and the oid is the guest oid. We'd need, for the Web scenario to also surface the guest AccountId
var account = await app.GetAccountAsync(context.HttpContext.User.GetMsalAccountId()); | ||
|
||
// Workaround for the guest account | ||
if (account == null) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Note what needs to be done for guest accounts in single tenant apps (tenantId is a GUID or domain in appsettings.json and user logs-in with a guest account)
IAccount account = await application.GetAccountAsync(accountIdentifier); | ||
|
||
// Special case for guest users as the Guest iod / tenant id are not surfaced. | ||
if (account == null) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same thing.
Special processing for guest users in single tenant appps.
@henrik-me @bgavrilMS |
Purpose
Does this introduce a breaking change?
Pull Request Type
What kind of change does this Pull Request introduce?
How to Test
Follow the readme.
What to Check
Checks that the sample works fine with guest accounts when tenantId is a GUID in appsettings.json
Other Information