/// <inheritdoc/>
public async Task RevokeSessionsAsync(UserSessionsFilter filter, CancellationToken cancellationToken = default)
{
if (_options.BackchannelLogoutAllUserSessions)
{
filter.SessionId = null;
}
if (_options.RevokeRefreshTokenOnLogout)
{
var tickets = await _ticketStore.GetUserTicketsAsync(filter);
if (tickets?.Any() == true)
{
foreach (var ticket in tickets)
{
var refreshToken = ticket.Properties.GetTokenValue("refresh_token");
if (!String.IsNullOrWhiteSpace(refreshToken))
{
var response = await _tokenEndpoint.RevokeRefreshTokenAsync(refreshToken);
if (response.IsError)
{
_logger.LogDebug("Error revoking refresh token: {error} for subject id: {sub} and session id: {sid}", response.Error, ticket.GetSubjectId(), ticket.GetSessionId());
}
else
{
_logger.LogDebug("Refresh token revoked successfully for subject id: {sub} and session id: {sid}", ticket.GetSubjectId(), ticket.GetSessionId());
}
}
}
}
}
await _sessionStore.DeleteUserSessionsAsync(filter);
}
/// <inheritdoc/>
public async Task RevokeRefreshTokenAsync(ClaimsPrincipal user)
{
var userToken = await _userTokenStore.GetTokenAsync(user);
if (!string.IsNullOrEmpty(userToken?.RefreshToken))
{
var response = await _tokenEndpointService.RevokeRefreshTokenAsync(userToken.RefreshToken);
if (response.IsError)
{
_logger.LogError("Error revoking refresh token. Error = {error}", response.Error);
}
}
}
/// <inheritdoc/>
public async Task RevokeRefreshTokenAsync()
{
var userToken = await _userTokenStore.GetTokenAsync(_httpContextAccessor.HttpContext.User);
if (!string.IsNullOrEmpty(userToken.RefreshToken))
{
var response = await _tokenEndpointService.RevokeRefreshTokenAsync(userToken.RefreshToken);
if (response.IsError)
{
_logger.LogError("Error revoking refresh token. Error = {error}", response.Error);
}
}
}
/// <inheritdoc/>
public async Task RevokeRefreshTokenAsync(
ClaimsPrincipal user,
UserAccessTokenParameters parameters = null,
CancellationToken cancellationToken = default)
{
parameters ??= new UserAccessTokenParameters();
var userToken = await _userTokenStore.GetTokenAsync(user);
if (!string.IsNullOrEmpty(userToken?.RefreshToken))
{
var response = await _tokenEndpointService.RevokeRefreshTokenAsync(userToken.RefreshToken, parameters, cancellationToken);
if (response.IsError)
{
_logger.LogError("Error revoking refresh token. Error = {error}", response.Error);
}
}
}