aspnet / AspNetKatana

Microsoft's OWIN implementation, the Katana project
Apache License 2.0

Sign out by Azure AD doesn't work correctly in Chrome. #396

Closed SeminDM closed 3 years ago

SeminDM commented 3 years ago

Hello! I use OWIN and Azure AD for authentication in my app. The code is quite usual and simple, but if needed I can share it. The problem begins here:

// doesn't work in Chrome but works in Edge
private const string AzureADOAuth2EndPoint_1 = "https://login.microsoftonline.com/{0}/v2.0";
// works correctly both in Chrome and Edge
private const string AzureADOAuth2EndPoint_2 = "https://login.microsoftonline.com/{0}";
// {0} is the tenant (authority); switch between _1 and _2 to reproduce the two behaviours
var endpoint = string.Format(System.Globalization.CultureInfo.InvariantCulture, AzureADOAuth2EndPoint_1, authority);

Logout doesn't work correctly with the v2.0 endpoint: Azure AD removes the cookies and redirects to the specified PostLogoutURI, but the Microsoft logout page remains.


Azure AD redirects to \Home\AzureADPostLogout correctly, but the result of the next redirect to \Home\Login is not rendered.

I suspect that the problem is related to the SameSite cookie flag, but I configured chrome://flags/#same-site-by-default-cookies as Disabled and it doesn't help.

What does v2.0 mean, and why does it break logout? Thank you!
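For readers reproducing the setup described above, here is a minimal OWIN OpenID Connect configuration against the Azure AD v2.0 authority together with the sign-out round trip. This is an added example, not code from the issue reporter or from the Katana project; the tenant id, client id, URLs and the `Startup`/`HomeController` names are placeholders, and it assumes Katana 4.x with the `Microsoft.IdentityModel.Protocols.OpenIdConnect` types.

```csharp
// Added example (not from the issue or the Katana project). Tenant, client id and
// URLs are placeholders; assumes Katana 4.x and Microsoft.IdentityModel.Protocols.OpenIdConnect.
using System.Globalization;
using System.Threading.Tasks;
using System.Web;
using System.Web.Mvc;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.OpenIdConnect;
using Owin;

public class Startup
{
    private const string Tenant = "<tenant-id-placeholder>";
    private const string ClientId = "<client-id-placeholder>";
    // Same v2.0 authority format as in the issue; {0} is the tenant.
    private const string AuthorityFormat = "https://login.microsoftonline.com/{0}/v2.0";

    public void Configuration(IAppBuilder app)
    {
        app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);

        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            // The IdP round trip is a cross-site redirect: keep the session cookie HTTPS-only.
            CookieSecure = CookieSecureOption.Always,
            CookieHttpOnly = true,
        });

        app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
        {
            ClientId = ClientId,
            Authority = string.Format(CultureInfo.InvariantCulture, AuthorityFormat, Tenant),
            RedirectUri = "https://localhost:44300/",
            // Must match a post-logout redirect URI registered on the app in Azure AD.
            PostLogoutRedirectUri = "https://localhost:44300/Home/AzureADPostLogout",
            ResponseType = OpenIdConnectResponseType.IdToken,
            Scope = OpenIdConnectScope.OpenIdProfile,
            Notifications = new OpenIdConnectAuthenticationNotifications
            {
                // Log the outgoing end-session URL so it can be compared with the Fiddler trace.
                RedirectToIdentityProvider = n =>
                {
                    if (n.ProtocolMessage.RequestType == OpenIdConnectRequestType.Logout)
                    {
                        System.Diagnostics.Trace.TraceInformation(
                            "end_session -> {0}", n.ProtocolMessage.CreateLogoutRequestUrl());
                    }
                    return Task.FromResult(0);
                }
            }
        });
    }
}

public class HomeController : Controller
{
    public ActionResult SignOut()
    {
        // Clears the local cookie session and sends the browser to the Azure AD
        // end-session endpoint, which then redirects to PostLogoutRedirectUri.
        HttpContext.GetOwinContext().Authentication.SignOut(
            OpenIdConnectAuthenticationDefaults.AuthenticationType,
            CookieAuthenticationDefaults.AuthenticationType);
        return new EmptyResult();
    }

    // Azure AD lands here after logout; it must be reachable without a session.
    [AllowAnonymous]
    public ActionResult AzureADPostLogout()
    {
        return RedirectToAction("Login");
    }

    [AllowAnonymous]
    public ActionResult Login()
    {
        return View();
    }
}
```

The `RedirectToIdentityProvider` hook is the useful part for diagnosing a report like this one: it records the exact end-session URL the middleware emits, so the request seen in the browser trace can be checked against what the app actually sent before concluding whether the middleware, the identity provider or the browser's cookie policy is responsible.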

Tratcher commented 3 years ago

Can you share the fiddler trace files for both scenarios?

SeminDM commented 3 years ago

This is the Fiddler trace for logout from Edge.

Tratcher commented 3 years ago

Please export and share the trace files, the screen shots don't have the details I need to see.

SeminDM commented 3 years ago

trace.zip

SeminDM commented 3 years ago

@Tratcher let me know if you need additional information or other trace files.

SeminDM commented 3 years ago

@Tratcher I encountered this problem on portal.azure.com. If I try to sign out from this portal then I see "sign-out" page with address: https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fportal.azure.com%3A443%2F&client_id=c44b4083...53cbdf3c&redirect_uri=https%3A%2F%2Fportal.azure.com%2Fsignin%2Findex%2F&site_id=501430&prompt=select_account&client-request-id=2e6505d9-ce54-4aac-9f59-95743b5aed04&x-client-SKU=ID_NET45&x-client-ver=5.3.0.0

It seems the problem is in Azure AD (or Chrome settings), not in OWIN.

Tratcher commented 3 years ago

That makes sense. I didn't find anything obvious when I looked at the traces. I'll close this until we find out otherwise.