Currently I have a WPF Windows app that gets an SWT token through the following process:
- Get the providers by calling:
$"{Namespace}/v2/metadata/IdentityProviders.js?protocol=javascriptnotify&realm={HttpUtility.UrlEncode(realm)}&version=1.0"
- Call the given LoginUrl in an invisible WebBrowser
- The user is prompted for the user name and password of the AD
- Use an ObjectForScripting to catch the notify action and get the token
- Send the token to the webserver where it's validated and proper app user login is completed with the claims.
Now the problem is that when I try to log in again, it will reuse the previous credentials instead of asking again for the username and password.
What I've tried that doesn't work:
- Navigate to the logout url given at the same time as the login. It looks something like
https://{AD_URL}/adfs/ls/?wa=wsignout1.0
- Try to call the logout directly at the Azure ACS namespace, but it gives me an error page
{namespace}/v2/wsfederation?wa=wsignoutcleanup1.0&wtrealm={HttpUtility.UrlEncode(realm)}
- Dispose the WebBrowser control and create a new one
None of the above worked and it always reuses the credentials.