Logout issue blazor

Questions
1

I have a blazor application and I have implemented the login and logout using openId connect. I was able to login and get authenticated. After authenticated, we are getting a link back like this
http://{domain}/login/token/redirect?stateToken=02.id.FG94TfF8YNNK-6CcVobVh0t0YhVVN2Fy2qkjH4xM

My controller code is as follows:

type or paste co        [HttpGet("Login")]
        public IActionResult Login([FromQuery] string returnUrl)
        {
            var redirectUri = returnUrl is null ? Url.Content("~/") : "/" + returnUrl;
            if (User.Identity.IsAuthenticated)
            {
                return LocalRedirect(redirectUri);
            }

            return Challenge();
        }

        [HttpGet("Logout")]
        public async Task<ActionResult> Logout([FromQuery] string returnUrl)
        {

            var redirectUri = returnUrl is null ? Url.Content("~/") : "/" + returnUrl;
            if (!User.Identity.IsAuthenticated)
            {
                return LocalRedirect(redirectUri);
            }
           await HttpContext.SignOutAsync();
            return LocalRedirect("/logout/100");
        }

Questions

  1. How to capture the stateToken in the login method.
  2. When I click the logout button, it is redirecting to the login screen instead of my logout page…
    If I commented out the await HttpContext.SignOutAsync(), then logout page is coming stating it is still Validateduser.

How to resolve the logout. Our requirement is as soon as I click the logout button, the user sessions should get cleared and redirect to the logout page.

Any help appriciated.

Thanks in advance

2

The first question is a bit outside the scope of identity; you provide the state and it comes back as an attribute in the query string of the response. This page at learn.microsoft may help you, it explains how to get at the query string: ASP.NET Core Blazor routing and navigation | Microsoft Learn

For the second question I think you have a misconception as to how logout works. It follows the same pattern as login; the user is sent on a redirect to the authorization server /logout endpoint with the URL it wants the user to land when they are redirected back. So even though you are "await"ing the response from the SignOutAsync, you will never ever get to the next line. Check out this blog post, the logout is addressed starting right underneath “Create your Okta application”: Secure Your .NET 5 Blazor Server App with MFA | Okta Developer