joshfree
commented
3 years ago @jialindai could you please follow up on this azure-spring-aad-b2c question
Closed R0st0s closed 3 years ago
joshfree
commented
3 years ago @jialindai could you please follow up on this azure-spring-aad-b2c question
saragluna
commented
3 years ago @backwind1233 will help fix this issue, and we'll fix it by deleting this line:
yiliuTo
commented
3 years ago Closing this issue because the PR has been merged
Query/Question This is related to the Azure AD B2C Spring Boot starter. It uses the AADB2CAuthorizationRequestResolver to construct the request to B2C, and as part of that, it clears the Spring Security context. See: Source Whenever the logged in user cancels a flow, for example a profile edit or some custom policy that's not login or logout, you would expect to keep the user logged in. Spring's DefaultOAuth2AuthorizationRequestResolver doesn't do that.
Why is this not a Bug or a feature Request? There might be a valid reason for this behaviour.
Setup (please complete the following information if applicable):
Version of the Library used 2.3.3
Information Checklist Kindly make sure that you have added all the following information above and checkoff the required fields otherwise we will treat the issuer as an incomplete report