Updating apps.json for portal quickstart

Azure-Samples / ms-identity-python-webapp

A Python web application calling Microsoft graph that is secured using the Microsoft identity platform

MIT License

291 stars 138 forks source link

Updating apps.json for portal quickstart #6

Closed abhidnya13 closed 4 years ago

abhidnya13 commented 4 years ago

Making logout url https as portal does not accept http value

rayluo commented 4 years ago

Agree with @sangonzal . Such change might work around the portal behavior (which we wouild like to file an issue with Portal Team), but that value is semantically incorrect because redirecting to "httpS://localhost/..." would typically fail.

Got an idea. Is it possible to adjust our app creation script instead, to not set that logout url at all? So that we can bypass such issue, rather than hardcode an incorrect workaround.

abhidnya13 commented 4 years ago

Tested that signout works irrespective of what logout url is set.

This behaviour is mainly because our sample app still relies on an eSTS feature of redirecting back to a URL specified by post_logout_redirect_uri. The reason we can remove the "logoutUrl" setting from apps.json is that we take advantage of the behavior that eSTS would honor a post_logout_redirect_uri on the fly, regardless of whatever we would configure beforehand.

abhidnya13 commented 4 years ago

Thanks @navyasric for pointing that out. I will make the ReadMe change in this PR in the next commit. And that also reminds me that we should regenerate the AppCreation Scripts to reflect this change. I will create a separate PR for updating the sample.json and the new App Creation scripts soon. Will checkin these changes so that there is no blocker for portal team to pick up the updated apps.json