Minor update in OpenIdConnectHandler and Options

1. Default post sign out uri to the root of the applciation;
2. Throw ArgumentNullException for null context in HandleSignOutAsync;
3. Guard null from Unprotected;
4. Clean up code

src/Microsoft.AspNetCore.Authentication.OpenIdConnect/OpenIdConnectHandler.cs

@@ -73,10 +73,8 @@ namespace Microsoft.AspNetCore.Authentication.OpenIdConnect
             {
                 return await HandleSignOutCallbackAsync();
             }
-            else
-            {
-                return await base.HandleRequestAsync();
-            }
+
+            return await base.HandleRequestAsync();
         }
 
         protected virtual async Task<bool> HandleRemoteSignOutAsync()
@@ -156,7 +154,7 @@ namespace Microsoft.AspNetCore.Authentication.OpenIdConnect
         {
             if (context == null)
             {
-                return;
+                throw new ArgumentNullException(nameof(context));
             }
 
             Logger.EnteringOpenIdAuthenticationHandlerHandleSignOutAsync(GetType().FullName);
@@ -168,9 +166,9 @@ namespace Microsoft.AspNetCore.Authentication.OpenIdConnect
 
             var message = new OpenIdConnectMessage()
             {
-                IssuerAddress = _configuration == null ? string.Empty : (_configuration.EndSessionEndpoint ?? string.Empty),
+                IssuerAddress = _configuration?.EndSessionEndpoint ?? string.Empty,
 
-                // Redirect back of SigneOutCallbackPath first before user agent is redirected to actual post logout redirect uri
+                // Redirect back to SigneOutCallbackPath first before user agent is redirected to actual post logout redirect uri
                 PostLogoutRedirectUri = BuildRedirectUriIfRelative(Options.SignedOutCallbackPath)
             };
 
@@ -268,14 +266,13 @@ namespace Microsoft.AspNetCore.Authentication.OpenIdConnect
             if (Request.Query.TryGetValue("State", out protectedState))
             {
                 var properties = Options.StateDataFormat.Unprotect(protectedState);
-                if (!string.IsNullOrEmpty(properties.RedirectUri))
+                if (!string.IsNullOrEmpty(properties?.RedirectUri))
                 {
                     Response.Redirect(properties.RedirectUri);
                     return Task.FromResult(true);
                 }
             }
 
-            Response.Redirect("/");
             return Task.FromResult(true);
         }
 

src/Microsoft.AspNetCore.Authentication.OpenIdConnect/OpenIdConnectOptions.cs

@@ -3,7 +3,6 @@
 
 using System;
 using System.Collections.Generic;
-using System.ComponentModel;
 using System.IdentityModel.Tokens.Jwt;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authentication.OpenIdConnect;
@@ -130,8 +129,8 @@ namespace Microsoft.AspNetCore.Builder
         /// The uri where the user agent will be returned to after application is signed out from the identity provider.
         /// The redirect will happen after the SignedOutCallbackPath is invoked.
         /// </summary>
-        /// <remarks>This URI is optional and it can be out of the application's domain.</remarks>
-        public string PostLogoutRedirectUri { get; set; }
+        /// <remarks>This URI can be out of the application's domain. By default it points to the root.</remarks>
+        public string PostLogoutRedirectUri { get; set; } = "/";
 
         /// <summary>
         /// Gets or sets if a metadata refresh should be attempted after a SecurityTokenSignatureKeyNotFoundException. This allows for automatic