AzureAD / microsoft-identity-web

Helps creating protected web apps and web APIs with Microsoft identity platform and Azure AD B2C
MIT License

After Post Sign-out Redirect to Home Page on back button click. #1829

Open Rajeesh-vr opened 2 years ago

Rajeesh-vr commented 2 years ago

Microsoft.Identity.Web Library

Microsoft.Identity.Web

Microsoft.Identity.Web version

1.25.1

Web app

Sign-in users

Web API

Not Applicable

Token cache serialization

Not Applicable

Description

After the application signs out, clicking the back button redirects the user back to the home screen of the application. How can we block the redirection to the home screen from the Azure AD logout screen?

Reproduction steps

Please find the Sign out function below:

```csharp
public void SignOut()
{
    HttpContext.GetOwinContext().Authentication.SignOut(OpenIdConnectAuthenticationDefaults.AuthenticationType, CookieAuthenticationDefaults.AuthenticationType);

    if (Request.Cookies["MyCookie"] != null)
    {
        var c = new HttpCookie("MyCookie");
        c.Expires = DateTime.Now.AddDays(-1);
        Response.Cookies.Add(c);
    }
    if (HttpContext.Request.Cookies[".AspNet.ApplicationCookie"] != null)
    {
        var c = new HttpCookie(".AspNet.ApplicationCookie");
        c.Expires = DateTime.Now.AddDays(-1);
        Response.Cookies.Add(c);
    }

    if (HttpContext.Request.Cookies["__RequestVerificationToken"] != null)
    {
        var c = new HttpCookie("__RequestVerificationToken");
        c.Expires = DateTime.Now.AddDays(-1);
        Response.Cookies.Add(c);
    }
    EndSession();
    Session.Abandon();
    AppSession.Clear();
}

public void EndSession()
{
    Request.GetOwinContext().Authentication.SignOut();
    Request.GetOwinContext().Authentication.SignOut(Microsoft.AspNet.Identity.DefaultAuthenticationTypes.ApplicationCookie);
    this.HttpContext.GetOwinContext().Authentication.SignOut(CookieAuthenticationDefaults.AuthenticationType);
}
```

Error message

No response

Id Web logs

No response

Regression

No response

Expected behavior

I want the application not to be redirected back to the home screen of the application.

jmprieur commented 2 years ago

@Rajeesh-vr: this is not a question related to Microsoft.Identity.Web (which only supports ASP.NET Core at this date). ASP.NET repositories are under https://github.com/aspnet. Or you could try on StackOverflow.