Signed-out callback path coverage

[guardrex]

Fixes #34378
Fixes #34395

cc: @damienbod if you want to take a look and provide feedback.

Notes

• Updates to the Blazor+OIDC article.
• Added to the Blazor+Entra article.
• Added to the main doc set's RP+OIDC article.
• I don't think that we carry an article/sample for RP or MVC and Entra, so there's nothing to update in that regard AFAIK.
• Keeping the remarks about postLogoutRedirectUri not working when authority url contains a tenant ID AzureAD/microsoft-authentication-library-for-js#5783 for now, which were first placed by Halter back when he provided the first sample, the OIDC (BFF pattern) sample app, on Add a Blazor OIDC sample with Aspire blazor-samples#137. I'll use my version-tracking inline HTML comment notes to keep up with the remarks and mod as needed in all three articles and sample apps.
• The RP+OIDC sample app mostly refers readers to the Blazor+OIDC article for app config guidance. However, I felt placing a section on this config for this one setting makes sense. If the consensus turns out to be to just let the Blazor+OIDC article with cross-link from the RP-OIDC article take care of it, I'll 🔪 the Signed-out callback path configuration section out of the RP+OIDC article. 👂

---

Internal previews

📄 File	🔗 Preview link
aspnetcore/blazor/security/blazor-web-app-with-entra.md	aspnetcore/blazor/security/blazor-web-app-with-entra
aspnetcore/blazor/security/blazor-web-app-with-oidc.md	aspnetcore/blazor/security/blazor-web-app-with-oidc
aspnetcore/security/authentication/configure-oidc-web-authentication.md	aspnetcore/security/authentication/configure-oidc-web-authentication

[guardrex]

UPDATE (12/18): I'm waiting to hear back from @halter73 if ...

https://learn.microsoft.com/en-us/entra/identity-platform/quickstart-web-app-dotnet-core-sign-in

... is a suitable MSAL/MS Identity Web/Entra article to cross-link at the top of the RP+OIDC article.

Otherwise, I've made the relevant updates to 🔪 most of the Entra guidance from the two OIDC articles. However, I left a bit in a NOTE in those articles just in case someone uses the OIDC bits with Entra. I'd like to avoid unnecessary doc issues.

@damienbod ... Looks like your article wasn't edited by anyone before it was published. I only had a few minutes for a quick pass, but I fixed a few nits and bits here and there. It's all just minor grammar and style manual stuff, along with our 1,000 repo-specific (undocumented) conventions.

Yikes! I see more Entra stuff in the Blazor+OIDC article to address. Another commit is coming! 🏃‍♂️

[guardrex]

I found another sample link to include for External ID at ...

https://learn.microsoft.com/en-us/samples/azure-samples/ms-identity-ciam-dotnet-tutorial/ms-identity-ciam-dotnet-tutorial-1-sign-in-aspnet-core-mvc/

... so we'll see if that along with ...

https://learn.microsoft.com/en-us/entra/external-id/customers/sample-web-app-dotnet-sign-in

... are the ones Stephen is cool with.

That's it for today. I'll make a final pass on Thursday morning.

[guardrex]

@halter73 ...

Cross reference not found: 'Microsoft.AspNetCore.Builder.OpenIdConnectOptions.SignedOutRedirectUri*'.

Hold on ... I think I found it .... THIS ONE? ...

https://learn.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.authentication.openidconnect.openidconnectoptions.signedoutredirecturi?view=aspnetcore-9.0

I'll place that one, and you can let me know if that's the wrong one.

[halter73]

That's it!

[guardrex]

@halter73 ... I performed a few more passes to mop up the last few changes. I'll merge now. I'm clearing out as many work items and closing as many PRs as I can before taking off for the 🎄 holidays. If you have further updates, please open a new issue from the bottom of the article, and I'll either try to get them in quickly now or take care of them in January. Happy Holidays! ⛄

[guardrex]

@meslubi2021 ... STOP COMMENTING! You've been reported to GitHub!