Blazor Webassembly Authentication Logout with OpenIDConnect endsession missing id_token_hint

[nirab25]

Is there an existing issue for this?

• [X] I have searched the existing issues

Describe the bug

Blazor WASM OIDC logout redirected to https://auth.xyz.com/connect/endsession works fine for main domain(https://app.com). It redirects with id_token_hint, post_logout_uri and state.

But it does not work with subdomain(https://subdomain.app.com). it misses id_token_hint.

Expected Behavior

It should redirect to endsession with id_token_hint

Steps To Reproduce

@code{
    private async Task BeginLogout(MouseEventArgs args)
    {
        await SignOutManager.SetSignOutState();
        NavigationManager.NavigateTo("authentication/logout");
    }
}

Exceptions (if any)

No response

.NET Version

6.04

Anything else?

No response

[steinbachio]

Overloading the NavigationManager.NavigateToLogout() function with InteractiveRequestOptions like NavigationManager.NavigateToLogin() would be great. So you could use it like this:

    var options = new InteractiveRequestOptions()
    {
        Interaction = InteractionType.SignOut,
        ReturnUrl = "authentication/logout"
    };
    options.TryAddAdditionalParameter("id_token_hint", GetIdToken());
    Navigation.NavigateToLogout($"authentication/logout", options);

[ghost]

We've moved this issue to the Backlog milestone. This means that it is not going to be worked on for the coming release. We will reassess the backlog following the current release and consider this item at that time. To learn more about our issue management process and to have better expectation regarding different types of issues you can read our Triage Process.

[paulsuart]

Instead of

options.TryAddAdditionalParameter("id_token_hint", GetIdToken());

Try

options.TryAddAdditionalParameter("idTokenHint", GetIdToken());

It seems the idTokenHint form is msal.js's internal name, and it will convert it to a querystring parameter named id_token_hint.