diff --git a/src/Microsoft.Identity.Web/AppServicesAuth/AppServicesAuthenticationInformation.cs b/src/Microsoft.Identity.Web/AppServicesAuth/AppServicesAuthenticationInformation.cs index a14e2113e..6700c477f 100644 --- a/src/Microsoft.Identity.Web/AppServicesAuth/AppServicesAuthenticationInformation.cs +++ b/src/Microsoft.Identity.Web/AppServicesAuth/AppServicesAuthenticationInformation.cs @@ -24,6 +24,7 @@ public static class AppServicesAuthenticationInformation internal const string AppServicesAuthIdentityProviderEnvironmentVariable = "WEBSITE_AUTH_DEFAULT_PROVIDER"; // AzureActiveDirectory internal const string AppServicesAuthAzureActiveDirectory = "AzureActiveDirectory"; internal const string AppServicesAuthIdTokenHeader = "X-MS-TOKEN-AAD-ID-TOKEN"; + internal const string AppServicesWebSiteAuthApiPrefix = "WEBSITE_AUTH_API_PREFIX"; private const string AppServicesAuthIdpTokenHeader = "X-MS-CLIENT-PRINCIPAL-IDP"; // Artificially added by Microsoft.Identity.Web to help debugging App Services. See the Debug controller of the test app @@ -57,7 +58,22 @@ public static string? LogoutUrl { get { - return Environment.GetEnvironmentVariable(AppServicesAuthLogoutPathEnvironmentVariable); + // Try $AppServicesAuthLogoutPathEnvironmentVariable (AppServices auth v1.0) + string? logoutPath = Environment.GetEnvironmentVariable(AppServicesAuthLogoutPathEnvironmentVariable); + if (!string.IsNullOrEmpty(logoutPath)) + { + return logoutPath; + } + + // Try the $(AppServicesWebSiteAuthApiPrefix) + string? webSite = Environment.GetEnvironmentVariable(AppServicesWebSiteAuthApiPrefix); + if (!string.IsNullOrEmpty(webSite)) + { + return $"{webSite}/logout"; + } + + // Fallback + return "/.auth/logout"; } } diff --git a/tests/Microsoft.Identity.Web.Test/WebAppExtensionsTests.cs b/tests/Microsoft.Identity.Web.Test/WebAppExtensionsTests.cs index a0e1e21d7..7ffbd6706 100644 --- a/tests/Microsoft.Identity.Web.Test/WebAppExtensionsTests.cs +++ b/tests/Microsoft.Identity.Web.Test/WebAppExtensionsTests.cs @@ -71,6 +71,7 @@ private void ResetAppServiceEnv() Environment.SetEnvironmentVariable(AppServicesAuthenticationInformation.AppServicesAuthClientIdEnvironmentVariable, string.Empty); Environment.SetEnvironmentVariable(AppServicesAuthenticationInformation.AppServicesAuthClientSecretEnvironmentVariable, string.Empty); Environment.SetEnvironmentVariable(AppServicesAuthenticationInformation.AppServicesAuthLogoutPathEnvironmentVariable, string.Empty); + Environment.SetEnvironmentVariable(AppServicesAuthenticationInformation.AppServicesWebSiteAuthApiPrefix, string.Empty); Environment.SetEnvironmentVariable(AppServicesAuthenticationInformation.AppServicesAuthIdentityProviderEnvironmentVariable, string.Empty); } diff --git a/tests/WebAppCallsMicrosoftGraph/Pages/Debugging.cshtml b/tests/WebAppCallsMicrosoftGraph/Pages/Debugging.cshtml index 839e23320..d06a4ac4b 100644 --- a/tests/WebAppCallsMicrosoftGraph/Pages/Debugging.cshtml +++ b/tests/WebAppCallsMicrosoftGraph/Pages/Debugging.cshtml @@ -3,7 +3,9 @@ @{ string[] importantEnvironmentVariables = new string[] { "WEBSITE_AUTH_ENABLED", "WEBSITE_AUTH_OPENID_ISSUER", "WEBSITE_AUTH_CLIENT_ID", - "WEBSITE_AUTH_CLIENT_SECRET", "WEBSITE_AUTH_LOGOUT_PATH", "WEBSITE_AUTH_DEFAULT_PROVIDER"}; + "WEBSITE_AUTH_CLIENT_SECRET", "WEBSITE_AUTH_LOGOUT_PATH", "WEBSITE_AUTH_DEFAULT_PROVIDER", + "WEBSITE_AUTH_API_PREFIX" +}; string[] importantHeaders = new string[] { "X-MS-TOKEN-AAD-ID-TOKEN", "X-MS-CLIENT-PRINCIPAL-IDP", "X-MS-TOKEN-AAD-ACCESS-TOKEN" }; }