2

I am developing a desktop application in WPF with C #, which connects to an Azure AD application, when trying to log out of the official documentation, it only deletes the cache but does not log out of the application, so when trying to connect again I already appear as disconnected

This is my code for login, but it doesn't work.

//cerrar sesion y volver a pantalla de menu
        public async void cerrarSesion()
        {


            var accounts = await app2.PublicClientApp.GetAccountsAsync();

            if (accounts.Any())
            {
                try
                {
                     System.Diagnostics.Process.Start("https://login.microsoftonline.com/4fb44f4b-6f0e-46f2-acea-ac4538df0c9c/oauth2/v2.0/logout");


                    await app2.PublicClientApp.RemoveAsync(accounts.FirstOrDefault()).ConfigureAwait(false);
                    Console.WriteLine("User has signed-out");

                    //NavigationService.Navigate(new Menu());

                   // System.Diagnostics.Process.Start("https://login.microsoftonline.com/4fb44f4b-6f0e-46f2-acea-ac4538df0c9c/oauth2/v2.0/logout");
                   // Console.WriteLine(Resultado.Account.HomeAccountId + "");
                }
                catch (MsalException ex)
                {
                    Console.WriteLine($"Error signing-out user: {ex.Message}");
                }
            }

        }

Stay logged in

Magdaleno
  • 35
  • 5

2 Answers2

2

AFAIK there is no way by default to remove the Session cookies from WPF web browser.You can find the reference from here.

There is already a Github issue raised for the same which can be tracked from here, which currently in a blocked state. Will be prioritized later and worked upon:

https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/425

I would suggest you to try to suppress all your cookies for achieving the same.

Please take a look at this link and see if it helps.

Also check below link for reference.

https://social.msdn.microsoft.com/Forums/vstudio/en-US/2871993e-744e-46cf-8adc-63c60018637c/deleting-cookies-in-wpf-web-browser-control?forum=wpf

Alternatively, suggested by Bigdan Gavril, in the below link

https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/425

You have some control over the browser by using the .WithPrompt method. AFAIK Prompt.ForceLogin will always force the user to enter their password.

var result = await pca.AcquireTokenInteractive(_scopes)
                        .WithPrompt(Prompt.ForceLogin)
                        .ExecuteAsync()

Hope it helps.

Mohit Verma
  • 5,140
  • 2
  • 12
  • 27
1

According to my test, we can open an embedded web browser to send a logout request. Then it will help us clear cookie and session. When we login again, we need to enter username and password. For example

private async void SignOutButton_Click(object sender, RoutedEventArgs e)
        {
            var accounts = await App.PublicClientApp.GetAccountsAsync();
            if (accounts.Any())
            {
                try
                {

                    await App.PublicClientApp.RemoveAsync(accounts.FirstOrDefault());
                    NavigationWindow window = new NavigationWindow();
                    window.Source = new Uri("https://login.microsoftonline.com/common/oauth2/v2.0/logout");
                    window.Show();
                    this.ResultText.Text = "User has signed-out";
                    this.CallGraphButton.Visibility = Visibility.Visible;
                    this.SignOutButton.Visibility = Visibility.Collapsed;
                }
                catch (MsalException ex)
                {
                    ResultText.Text = $"Error signing-out user: {ex.Message}";
                }
            }
        }

First login enter image description here

Login again enter image description here

Jim Xu
  • 21,610
  • 2
  • 19
  • 39