Make the issuer optional for sign-out operations when only one registration was added

4 years ago · 9cb88782f5
2 changed files with 13 additions and 0 deletions
--- a/src/OpenIddict.Abstractions/OpenIddictResources.resx
+++ b/src/OpenIddict.Abstractions/OpenIddictResources.resx
@ -1319,6 +1319,9 @@ Alternatively, you can disable the token storage feature by calling 'services.Ad
  <data name="ID0340" xml:space="preserve">
    <value>The endpoint type associated with the state token cannot be resolved.</value>
  </data>
+  <data name="ID0341" xml:space="preserve">
+    <value>No issuer was specified in the sign-out properties. When multiple clients are registered, an issuer must be specified in the sign-out properties.</value>
+  </data>
  <data name="ID2000" xml:space="preserve">
    <value>The security token is missing.</value>
  </data>
--- a/src/OpenIddict.Client/OpenIddictClientHandlers.cs
+++ b/src/OpenIddict.Client/OpenIddictClientHandlers.cs
@ -4468,6 +4468,16 @@ public static partial class OpenIddictClientHandlers
                throw new InvalidOperationException(SR.GetResourceString(SR.ID0024));
            }

+            // If no issuer was explicitly attached and a single client is registered, use it.
+            // Otherwise, throw an exception to indicate that setting an explicit issuer
+            // is required when multiple clients are registered.
+            context.Issuer ??= context.Options.Registrations.Count switch
+            {
+                0 => throw new InvalidOperationException(SR.GetResourceString(SR.ID0304)),
+                1 => context.Options.Registrations[0].Issuer,
+                _ => throw new InvalidOperationException(SR.GetResourceString(SR.ID0341))
+            };
+
            return default;
        }
    }