diff --git a/src/Microsoft.AspNetCore.Authentication.OpenIdConnect/OpenIdConnectHandler.cs b/src/Microsoft.AspNetCore.Authentication.OpenIdConnect/OpenIdConnectHandler.cs index 066803e99c..80e8c693be 100644 --- a/src/Microsoft.AspNetCore.Authentication.OpenIdConnect/OpenIdConnectHandler.cs +++ b/src/Microsoft.AspNetCore.Authentication.OpenIdConnect/OpenIdConnectHandler.cs @@ -73,10 +73,8 @@ namespace Microsoft.AspNetCore.Authentication.OpenIdConnect { return await HandleSignOutCallbackAsync(); } - else - { - return await base.HandleRequestAsync(); - } + + return await base.HandleRequestAsync(); } protected virtual async Task HandleRemoteSignOutAsync() @@ -156,7 +154,7 @@ namespace Microsoft.AspNetCore.Authentication.OpenIdConnect { if (context == null) { - return; + throw new ArgumentNullException(nameof(context)); } Logger.EnteringOpenIdAuthenticationHandlerHandleSignOutAsync(GetType().FullName); @@ -168,9 +166,9 @@ namespace Microsoft.AspNetCore.Authentication.OpenIdConnect var message = new OpenIdConnectMessage() { - IssuerAddress = _configuration == null ? string.Empty : (_configuration.EndSessionEndpoint ?? string.Empty), + IssuerAddress = _configuration?.EndSessionEndpoint ?? string.Empty, - // Redirect back of SigneOutCallbackPath first before user agent is redirected to actual post logout redirect uri + // Redirect back to SigneOutCallbackPath first before user agent is redirected to actual post logout redirect uri PostLogoutRedirectUri = BuildRedirectUriIfRelative(Options.SignedOutCallbackPath) }; @@ -268,14 +266,13 @@ namespace Microsoft.AspNetCore.Authentication.OpenIdConnect if (Request.Query.TryGetValue("State", out protectedState)) { var properties = Options.StateDataFormat.Unprotect(protectedState); - if (!string.IsNullOrEmpty(properties.RedirectUri)) + if (!string.IsNullOrEmpty(properties?.RedirectUri)) { Response.Redirect(properties.RedirectUri); return Task.FromResult(true); } } - Response.Redirect("/"); return Task.FromResult(true); } diff --git a/src/Microsoft.AspNetCore.Authentication.OpenIdConnect/OpenIdConnectOptions.cs b/src/Microsoft.AspNetCore.Authentication.OpenIdConnect/OpenIdConnectOptions.cs index 5c8bf8c0a2..12bc1c03d8 100644 --- a/src/Microsoft.AspNetCore.Authentication.OpenIdConnect/OpenIdConnectOptions.cs +++ b/src/Microsoft.AspNetCore.Authentication.OpenIdConnect/OpenIdConnectOptions.cs @@ -3,7 +3,6 @@ using System; using System.Collections.Generic; -using System.ComponentModel; using System.IdentityModel.Tokens.Jwt; using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authentication.OpenIdConnect; @@ -130,8 +129,8 @@ namespace Microsoft.AspNetCore.Builder /// The uri where the user agent will be returned to after application is signed out from the identity provider. /// The redirect will happen after the SignedOutCallbackPath is invoked. /// - /// This URI is optional and it can be out of the application's domain. - public string PostLogoutRedirectUri { get; set; } + /// This URI can be out of the application's domain. By default it points to the root. + public string PostLogoutRedirectUri { get; set; } = "/"; /// /// Gets or sets if a metadata refresh should be attempted after a SecurityTokenSignatureKeyNotFoundException. This allows for automatic