0

我只是在做 msal.logout() ,它重定向到注销屏幕,然后要求登录,然后登录后导航到www.office.com,我怎样才能在注销后停止所有重定向。

这是配置

export const msalConfig: Configuration = {
 
  auth: {
    clientId: "xxxxxx",
    authority: "https://login.microsoftonline.com/xxx",
    redirectUri: `http://localhost:3000`,
    postLogoutRedirectUri: `https://localhost:3000/logout`
  }
};

import { IMsalContext, useMsal } from "@azure/msal-react";
   const { instance } = useMsal();

    export function handleLogout(instance: any) {   
        instance.logout(endSessionRequest); //This logouts and then ask for login and then go to www.office.com  which is not configured anywhere in msalConfig    
    }

    export const endSessionRequest: EndSessionRequest = {
      postLogoutRedirectUri: `https://localhost:3000/logout`
    };

注意:这是登录点击后的redirecturl,其中包含www.office.com

https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=xxxxxx&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A% 2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=637691229835396604.NDZlZjRkMTMtYWZlYy00Mzg1LTk3YmItODc4ZDFlNzhlMTRjMDhmN2Q4MjEtNTRiYi00NGQxLTgzNTItYTI4MGVkYjYzN2Ni&ui_locales=en-US&mkt=en-US&client-request-id=0eb6f9a0-525d-4939-8541-893d9a960497&state=Iw9_CAMwjrzffsm_V8laWMVsfcREPJmGdcsvXd9G0jVaYt7fRttltWjZz1Gkfi2caIY40VJ6aaSbNQMdjFUcadHS6walpe5THq2cszy_bisx4ygWv8Pe6HothKP8QHYzbuWo0PjTj2h9O1xUv-F2CC2vUBcAyTARXjOsr6uxxp4-aENCwsRO76rRqGRMPDq4C7-VdTaFmQoyRR1OHGfV6WJ7Ep5KNIR1j65NMPlYW- rZ2dAPMoFFeyPcSCsX5H1O0FTOPSGDAJdXf215L50Ybg&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.11.0.0#

4

1 回答 1

0

登录有两个函数,loginPopup() 和 loginRedirect()。注销只有一个函数:logout()。在这里阅读更多。

当您注销时,您需要清除应用程序和https://msft.sts.microsoft.com/的 cookie 。

清除https://msft.sts.microsoft.com的 cookie只能由 STS 自己完成(安全隔离),因此之后需要重定向到 postlogoutRedirectUrl。

于 2021-10-07T21:56:27.780 回答