src/BCards.Web/Program.cs

@@ -84,24 +84,20 @@ builder.Services.AddAuthentication(options =>
     options.AuthorizationEndpoint = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize";
     options.TokenEndpoint = "https://login.microsoftonline.com/common/oauth2/v2.0/token";
 
+    if (!builder.Environment.IsDevelopment())
+    {
+        options.Events.OnRedirectToAuthorizationEndpoint = context =>
+        {
+            context.RedirectUri = context.RedirectUri.Replace("http://", "https://");
+            return Task.CompletedTask;
+        };
+    }
+
     options.Events = new OAuthEvents
     {
         OnRedirectToAuthorizationEndpoint = context =>
         {
-            // 1. Força HTTPS em produção
+            context.Response.Redirect(context.RedirectUri + "&prompt=login");
-            if (!builder.Environment.IsDevelopment())
-            {
-                context.RedirectUri = context.RedirectUri.Replace("http://", "https://");
-            }
-
-            // 2. Adiciona prompt=login para forçar seleção de conta
-            var redirectUri = context.RedirectUri;
-            if (!redirectUri.Contains("prompt="))
-            {
-                redirectUri += "&prompt=login";
-            }
-
-            context.Response.Redirect(redirectUri);
             return Task.CompletedTask;
         }
     };