Adal JS - Logout of just one AD site

Posted by 泄露秘密 on 2019-12-14 03:05:17

Question


I'm working on a SPA that is utilizing ADAL JS. After calling adalService.logOut(), the user is properly redirected to the microsoft oauth logout URL and logout happens just fine. However, the user is logged out of all Microsoft 365 sites and all other sites utilizing ADAL.

Is there a way to log the user out of only this one site?


Answer 1:


Unfortunately, the way the ADAL JS library works is just as you described. When the logout function is called it clears the entire cache. Per the wiki: https://github.com/AzureAD/azure-activedirectory-library-for-js/wiki/Login-methods#logout

Logout

When the logout method is called, the library clears the application cache in the browser storage and sends a logout request to the Azure AD instance's logout endpoint.

authContext.logOut();

The default behavior is to redirect the user to window.location.href after logout. If a postLogoutRedirectUri value is set at the config time, the user will be redirected to that URI.

The only other way is to log out manually. That would be to look through the cache yourself and delete the information you're interested in deleting there. This would in a way "log out" the user, since you have removed access to the token.

Per the wiki's config Auth Context https://github.com/AzureAD/azure-activedirectory-library-for-js/wiki/Config-authentication-context:

cacheLocation - ADAL caches tokens in the browser storage which defaults to 'sessionStorage'. You can set this to either 'localStorage' or 'sessionStorage'.

window.config = {
    clientId: 'g075edef-0efa-453b-997b-de1337c29185',
    cacheLocation: 'localStorage' // Default is sessionStorage
};

Tokens are accessible from JavaScript since ADAL.JS is using HTML5 browser storage. It is recommended to prompt users to login again for important operations in your app. You should also protect your site for XSS. Please check the article here: https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet

You can read further details about the other configurable options here.

And for more information on accessing local storage, you can read up on it here: https://blog.logrocket.com/the-complete-guide-to-using-localstorage-in-javascript-apps-ba44edb53a36

And the MDN Web doc for storage can be found here: https://developer.mozilla.org/en-US/docs/Web/API/Storage



Source: https://stackoverflow.com/questions/55954862/adal-js-logout-of-just-one-ad-site
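
The manual cache cleanup the answer describes, as an added example that is not part of the original answer or of ADAL JS. It assumes ADAL JS cache keys start with `adal.`; `clearAdalCache`, `localSignOut` and `MemoryStorage` are hypothetical names, and the sample entries are constructed.

```javascript
// Added example, not ADAL JS code. Assumption: ADAL JS names its cache
// entries with the "adal." prefix (e.g. adal.idtoken, adal.token.keys).
const ADAL_PREFIX = 'adal.';

// Remove every ADAL cache entry from one Web Storage object and return the
// removed key names, leaving other applications' entries untouched.
function clearAdalCache(storage, prefix = ADAL_PREFIX) {
  // Snapshot the keys first: removeItem() shifts the indexes used by key(i),
  // so deleting while iterating would skip entries.
  const keys = [];
  for (let i = 0; i < storage.length; i++) {
    const k = storage.key(i);
    if (k !== null && k.startsWith(prefix)) keys.push(k);
  }
  keys.forEach((k) => storage.removeItem(k));
  return keys;
}

// Local-only sign-out: purge both storages that cacheLocation can point at.
function localSignOut(stores) {
  return stores.flatMap((s) => clearAdalCache(s));
}

// Minimal in-memory stand-in for the Storage interface so this runs in Node.
class MemoryStorage {
  constructor(init = {}) { this.map = new Map(Object.entries(init)); }
  get length() { return this.map.size; }
  key(i) { return Array.from(this.map.keys())[i] ?? null; }
  getItem(k) { return this.map.has(k) ? this.map.get(k) : null; }
  removeItem(k) { this.map.delete(k); }
}

// Constructed sample cache: ADAL entries mixed with unrelated app data.
function demo() {
  const local = new MemoryStorage({
    'adal.idtoken': 'constructed-id-token',
    'adal.token.keys': 'constructed-resource|',
    'adal.access.token.keyconstructed-resource': 'constructed-access-token',
    'theme': 'dark',
  });
  const session = new MemoryStorage({
    'adal.login.request': 'https://app.example/',
    'cart': '3',
  });
  const removed = localSignOut([local, session]);
  return { removed, local, session };
}
```

In the browser, call `localSignOut([window.localStorage, window.sessionStorage])`. This only removes the tokens cached for this site; the Azure AD session itself stays active, so a later sign-in redirect can complete without prompting for credentials.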
