3

In our current SPA implementation we authenticate against AzureAD using adal.js and upon successful authentication hit our web api to get the authorization data. There are a couple of edge case scenarios where the get authorization data call could fail. In this case we would like to clear out the state/cache created by adal.js. I have tried a few things but I have not not been able to create a clean slate. Here is some code that I have tried.

localStorage.clear();
 var authContext = AuthenticationContext.prototype._singletonInstance;
 authContext.clearCache();
 authContext._user = null;

I don't want to use the built in logout function. Calling logout redirects the user to the Azure signout page. The UX is pretty wierd so trying to avoid it.

kolhapuri
  • 1,581
  • 4
  • 20
  • 31

2 Answers2

4

If you want to clear all the cache entries created by adal, clearCache() is the method that should be used, and if you want to clear the cache only for a specific resource entry, then use clearCacheForResource.

But one more thing to note is, these two methods only clear the cache/storage though, it won't clear any session/cookie hold on azure ad, if you want to clear that, then the built in logout should be the one to use.

You could probably try to implement the silent logout(probably using iframe, this will prevent the ux from displaying), and then call clearCache to clear the localstorage/sessionstorage

Leniel Maccaferri
  • 100,159
  • 46
  • 371
  • 480
Wei Jia
  • 168
  • 4
  • I am using the builtin logout to allow the user to log out in a normal scenario. But in the case of the failure scenario I need to do it programatically. The built in logout is not an option for me as there is a redirect that happens. I have tried the clearCache but that does not wipe out the cookie/session state. – kolhapuri Jul 29 '15 at 18:58
  • 1
    clearCache won't wipe out cookie/session state, as I said, it only clears out the localstorage/sessionstorage. adal.js doesn't expose a way for you do so. You could probably try to implement the silent logout(probably using iframe, this will prevent the ux from displaying), and then call clearCache to clear the localstorage/sessionstorage. – Wei Jia Jul 29 '15 at 19:24
0

You can set postLogoutRedirectUri to your aplication setup:

  adalProvider.init(
        {
            instance: 'https://login.microsoftonline.com/',
            tenant: 'www.contoso.com',
            clientId: '0101001010101',
            extraQueryParameter: 'nux=1',
            cacheLocation: 'localStorage', // enable this for IE, as sessionStorage does not work for localhost.
            endpoints: endpoints,
            postLogoutRedirectUri: 'https://www.yourapp.com'
        },
        $httpProvider
        );
Guilherme Teubl
  • 1,136
  • 11
  • 11
  • Guilherme, What I was trying to do was to not get redirected to the MS token service page. The accepted answer explains how to do this using an iframe. – kolhapuri Nov 05 '15 at 19:40