Microsoft-authentication-library-for-js: Add logoutPopup method to UserAgentApplication

Created on 17 Mar 2020  路  2Comments  路  Source: AzureAD/microsoft-authentication-library-for-js

Please follow the issue template below. Failure to do so will result in a delay in answering your question.

Library

Description

It would be nice to supply a logoutPopup method. I am building an application that uses MSAL but it's for secondary features and is not critical to the application. So i want to supply my users a way to sign out of MSAL, currently UserAgentApplication only supports signing out through a redirect, but is disruptive to SPA. For now i can manually show a popup but this seems like something that should be part of the library. 

const popup = window.open(`${auth.authority}/oauth2/v2.0/logout`, 'logout', 'width=450,height=600');
popup.focus();
picture arsnyder16
👍4

Most helpful comment

I am also running into an issue where we show a page to make an MS Teams meeting link in an iframe. The logout() method does not work for us because it takes us to the logout page which sends the X-Frame-Options: Deny header, which disallows the page from being loaded in the iframe.

I've worked around it by borrowing code from the msal module to show the logout in a popup, but it's not pretty. (Also, when I added the postLogoutRedirectUri it didn't seem like I was being redirected back there. The way I have it set up now it's not the end of the world, though).

      //@ts-ignore
      msalApp.clearCache();
      //@ts-ignore
      msalApp.account = null;
      //@ts-ignore
      msalApp.authorityInstance.resolveEndpointsAsync().then(authority => {
        const urlNavigate = authority.EndSessionEndpoint
            ? authority.EndSessionEndpoint
            : `${msalApp.authority}oauth2/v2.0/logout`;
        (msalApp as any).openPopup(urlNavigate, "msal", 400, 600);
      });
picture evanbattaglia on 19 Mar 2020
👍3

All 2 comments

I am also running into an issue where we show a page to make an MS Teams meeting link in an iframe. The logout() method does not work for us because it takes us to the logout page which sends the X-Frame-Options: Deny header, which disallows the page from being loaded in the iframe.

I've worked around it by borrowing code from the msal module to show the logout in a popup, but it's not pretty. (Also, when I added the postLogoutRedirectUri it didn't seem like I was being redirected back there. The way I have it set up now it's not the end of the world, though).

      //@ts-ignore
      msalApp.clearCache();
      //@ts-ignore
      msalApp.account = null;
      //@ts-ignore
      msalApp.authorityInstance.resolveEndpointsAsync().then(authority => {
        const urlNavigate = authority.EndSessionEndpoint
            ? authority.EndSessionEndpoint
            : `${msalApp.authority}oauth2/v2.0/logout`;
        (msalApp as any).openPopup(urlNavigate, "msal", 400, 600);
      });
evanbattaglia picture evanbattaglia on 19 Mar 2020
👍3

Closing, as we will consider this for MSAL Browser in #2563

jasonnutter picture jasonnutter on 2 Dec 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

adriannasui picture adriannasui  路  3Comments
sameerag picture sameerag  路  3Comments
Calamari picture Calamari  路  3Comments
spottedmahn picture spottedmahn  路  4Comments
jviney picture jviney  路  3Comments