Make the issuer optional for sign-out operations when only one regist…

…ration was added
openiddict · Sep 1, 2022 · 9cb8878 · 9cb8878
1 parent db9b549
commit 9cb8878
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 0 deletions.
diff --git a/src/OpenIddict.Abstractions/OpenIddictResources.resx b/src/OpenIddict.Abstractions/OpenIddictResources.resx
@@ -1319,6 +1319,9 @@ Alternatively, you can disable the token storage feature by calling 'services.Ad
   <data name="ID0340" xml:space="preserve">
     <value>The endpoint type associated with the state token cannot be resolved.</value>
   </data>
+  <data name="ID0341" xml:space="preserve">
+    <value>No issuer was specified in the sign-out properties. When multiple clients are registered, an issuer must be specified in the sign-out properties.</value>
+  </data>
   <data name="ID2000" xml:space="preserve">
     <value>The security token is missing.</value>
   </data>

diff --git a/src/OpenIddict.Client/OpenIddictClientHandlers.cs b/src/OpenIddict.Client/OpenIddictClientHandlers.cs
@@ -4468,6 +4468,16 @@ public ValueTask HandleAsync(ProcessSignOutContext context)
                 throw new InvalidOperationException(SR.GetResourceString(SR.ID0024));
             }
 
+            // If no issuer was explicitly attached and a single client is registered, use it.
+            // Otherwise, throw an exception to indicate that setting an explicit issuer
+            // is required when multiple clients are registered.
+            context.Issuer ??= context.Options.Registrations.Count switch
+            {
+                0 => throw new InvalidOperationException(SR.GetResourceString(SR.ID0304)),
+                1 => context.Options.Registrations[0].Issuer,
+                _ => throw new InvalidOperationException(SR.GetResourceString(SR.ID0341))
+            };
+
             return default;
         }
     }