NavigationManager.NavigateToLogout() stuck on authentication/logout-callback - reopen.

[dean-azure]

Is there an existing issue for this?

• I have searched the existing issues

Describe the bug

This is to reopen task 56732

Expected Behavior

Please reference 56732

Steps To Reproduce

Please reference 56732

Exceptions (if any)

No response

.NET Version

8.x

Anything else?

Here is the debug output requested on

56732

Debugoutput.zip

[dean-azure]

I was not able to respond promptly to 57632. I didn't see an option to reopen 57632 so attaching the requested debug output here.

[dean-azure]

When I run in localhost, the front end logs out normally. Would you like the same debug out from localhost to compare with the log output i've attached from our test environment?

[dean-azure]

Any updates?

[dean-azure]

Any new updates?

[dean-azure]

The comment "added to 9.0-rc2"
Does this mean the issue has been identified and part of an future release?

[halter73]

Thanks for the debug logs. I am able to verify that I can publish and trim a Blazor WebAssembly app using AddOidcAuthentication with the latest 8.0.8 packages and get redirected to the default authentication/logged-out page after successfully handing a logout click. I can also confirm this logs me out.

However, I was able to reproduce something similar to your logs which abruptly end after handing logout-callback by going back to the /authentication/logout-callback?state=... page after successfully logging out. For comparison:

Your failed logs

dotnet.runtime.8.0.7.3bvrr6lyon.js:3 dbug: Microsoft.AspNetCore.Components.WebAssembly.Authentication.RemoteAuthenticatorViewCore[1]
      Processing action logout-callback.
dotnet.runtime.8.0.7.3bvrr6lyon.js:3 dbug: Microsoft.AspNetCore.Components.RenderTree.Renderer[3]
      Rendering component 23 of type Telerik.Blazor.Components.RootComponent.TelerikFragmentContainer
dotnet.runtime.8.0.7.3bvrr6lyon.js:3 dbug: Microsoft.AspNetCore.Components.RenderTree.Renderer[3]
      Rendering component 37 of type Microsoft.AspNetCore.Components.WebAssembly.Authentication.RemoteAuthenticatorView
dotnet.runtime.8.0.7.3bvrr6lyon.js:3 dbug: Microsoft.AspNetCore.Components.RenderTree.Renderer[3]
      Rendering component 24 of type StoneX.CommoditySolutions.Frontend.Shared.Menu
dotnet.runtime.8.0.7.3bvrr6lyon.js:3 dbug: Microsoft.AspNetCore.Components.RenderTree.Renderer[3]
      Rendering component 25 of type Microsoft.AspNetCore.Components.CascadingValue`1[StoneX.CommoditySolutions.Frontend.Shared.Menu]
dotnet.runtime.8.0.7.3bvrr6lyon.js:3 dbug: Microsoft.AspNetCore.Components.RenderTree.Renderer[3]
      Rendering component 37 of type Microsoft.AspNetCore.Components.WebAssembly.Authentication.RemoteAuthenticatorView
dotnet.runtime.8.0.7.3bvrr6lyon.js:3 info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2]
      Authorization failed. These requirements were not met:
      DenyAnonymousAuthorizationRequirement: Requires an authenticated user.
dotnet.runtime.8.0.7.3bvrr6lyon.js:3 dbug: Microsoft.AspNetCore.Components.RenderTree.Renderer[3]
      Rendering component 28 of type Microsoft.AspNetCore.Components.Authorization.AuthorizeView
EOF

Successful logs

dotnet.runtime.js:3 dbug: Microsoft.AspNetCore.Components.WebAssembly.Authentication.RemoteAuthenticatorViewCore[1]
      Processing action logout-callback.
AuthenticationService.js:2 trce: Microsoft.AspNetCore.Components.WebAssembly.Authentication.RemoteAuthenticationService[0]
      completeSignOut: "https://localhost:7275/authentication/logout-callback?state=c6c20cbb148e4348b464d56b1e4d91b9"
dotnet.runtime.js:3 dbug: Microsoft.AspNetCore.Components.RenderTree.Renderer[3]
      Rendering component 23 of type Microsoft.AspNetCore.Components.WebAssembly.Authentication.RemoteAuthenticatorView
dotnet.runtime.js:3 dbug: Microsoft.AspNetCore.Components.RenderTree.Renderer[3]
      Rendering component 1 of type Microsoft.AspNetCore.Components.Authorization.CascadingAuthenticationState
dotnet.runtime.js:3 info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2]
      Authorization failed. These requirements were not met:
      DenyAnonymousAuthorizationRequirement: Requires an authenticated user.
dotnet.runtime.js:3 dbug: Microsoft.AspNetCore.Components.RenderTree.Renderer[3]
      Rendering component 2 of type Microsoft.AspNetCore.Components.CascadingValue`1[System.Threading.Tasks.Task`1[Microsoft.AspNetCore.Components.Authorization.AuthenticationState]]
dotnet.runtime.js:3 dbug: Microsoft.AspNetCore.Routing.Tree.TreeRouter[1]
      Request successfully matched the route with name '(null)' and template '/authentication/{action}'
dotnet.runtime.js:3 dbug: Microsoft.AspNetCore.Components.Routing.Router[2]
      Navigating to component BlazorWasmRemoteAuthentication.Pages.Authentication in response to path '/authentication/logout-callback' with base URI 'https://localhost:7275/'
dotnet.runtime.js:3 dbug: Microsoft.AspNetCore.Components.RenderTree.Renderer[3]
      Rendering component 4 of type Microsoft.AspNetCore.Components.Authorization.AuthorizeRouteView
dotnet.runtime.js:3 dbug: Microsoft.AspNetCore.Components.RenderTree.Renderer[3]
      Rendering component 6 of type Microsoft.AspNetCore.Components.Authorization.AuthorizeRouteView+AuthorizeRouteViewCore
dotnet.runtime.js:3 dbug: Microsoft.AspNetCore.Components.RenderTree.Renderer[3]
      Rendering component 14 of type Microsoft.AspNetCore.Components.Authorization.AuthorizeView
dotnet.runtime.js:3 dbug: Microsoft.AspNetCore.Components.RenderTree.Renderer[3]
      Rendering component 3 of type Microsoft.AspNetCore.Components.Routing.Router
dotnet.runtime.js:3 dbug: Microsoft.AspNetCore.Components.RenderTree.Renderer[3]
      Rendering component 7 of type Microsoft.AspNetCore.Components.LayoutView
dotnet.runtime.js:3 dbug: Microsoft.AspNetCore.Components.RenderTree.Renderer[3]
      Rendering component 4 of type Microsoft.AspNetCore.Components.Authorization.AuthorizeRouteView
dotnet.runtime.js:3 dbug: Microsoft.AspNetCore.Components.RenderTree.Renderer[3]
      Rendering component 5 of type Microsoft.AspNetCore.Components.Routing.FocusOnNavigate
dotnet.runtime.js:3 dbug: Microsoft.AspNetCore.Components.RenderTree.Renderer[3]
      Rendering component 8 of type BlazorWasmRemoteAuthentication.Layout.MainLayout
dotnet.runtime.js:3 dbug: Microsoft.AspNetCore.Components.RenderTree.Renderer[3]
      Rendering component 6 of type Microsoft.AspNetCore.Components.Authorization.AuthorizeRouteView+AuthorizeRouteViewCore
dotnet.runtime.js:3 dbug: Microsoft.AspNetCore.Components.RenderTree.Renderer[3]
      Rendering component 7 of type Microsoft.AspNetCore.Components.LayoutView
dotnet.runtime.js:3 dbug: Microsoft.AspNetCore.Components.RenderTree.Renderer[3]
      Rendering component 8 of type BlazorWasmRemoteAuthentication.Layout.MainLayout
dotnet.runtime.js:3 dbug: Microsoft.AspNetCore.Components.WebAssembly.Authentication.RemoteAuthenticatorViewCore[15]
      Logout redirect completed successfully.
dotnet.runtime.js:3 dbug: Microsoft.AspNetCore.Components.WebAssembly.Authentication.RemoteAuthenticatorViewCore[4]
      Navigating to authentication/logged-out.
...

Failed logs after revisiting logout-callback?state=...

dotnet.runtime.js:3 dbug: Microsoft.AspNetCore.Components.WebAssembly.Authentication.RemoteAuthenticatorViewCore[1]
      Processing action logout-callback.
AuthenticationService.js:2 trce: Microsoft.AspNetCore.Components.WebAssembly.Authentication.RemoteAuthenticationService[0]
      completeSignOut: "https://localhost:7275/authentication/logout-callback?state=c6c20cbb148e4348b464d56b1e4d91b9"
2dotnet.runtime.js:3 dbug: Microsoft.AspNetCore.Components.RenderTree.Renderer[3]
      Rendering component 23 of type Microsoft.AspNetCore.Components.WebAssembly.Authentication.RemoteAuthenticatorView
dotnet.runtime.js:3 info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2]
      Authorization failed. These requirements were not met:
      DenyAnonymousAuthorizationRequirement: Requires an authenticated user.
dotnet.runtime.js:3 dbug: Microsoft.AspNetCore.Components.RenderTree.Renderer[3]
      Rendering component 14 of type Microsoft.AspNetCore.Components.Authorization.AuthorizeView

In my case, this happens because the state url was cleared from local storage here when the state was read the first time the logout-callback was processed.

You'll notice I have an extra trace-level log for completeSignOut. If you enable trace-level logging, you should see that too. It might be worth adding a breakpoint inside of the completeSignOut in AuthenticationService.js to get a better idea was going on. If completeSignOut returns "OperationCompleted" rather than "Success", the RemoteAuthenticationService will skip any further processing.

If that doesn't give you enough information to resolve the issue on your own, we'll need a minimal repro that demonstrates the problem. You can omit the "Authority" and "ClientId" for the OIDC configuration, but it should otherwise be complete.

[dotnet-policy-service]

Thank you for filing this issue. In order for us to investigate this issue, please provide a minimal repro project that illustrates the problem without unnecessary code. Please share with us in a public GitHub repo because we cannot open ZIP attachments, and don't include any confidential content.

[dotnet-policy-service]

This issue has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 4 days. It will be closed if no further activity occurs within 3 days of this comment. If it is closed, feel free to comment when you are able to provide the additional information and we will re-investigate.

See our Issue Management Policies for more information.