public bool Logout(string refreshToken)
{
var claimsIdentity = User.Identity as ClaimsIdentity;
var customerIdValue = claimsIdentity?.FindFirst(ClaimTypes.NameIdentifier)?.Value;
// The Jwt implementation does not support "revoke OAuth token" (logout) by design.
// Delete the customer's tokens from the database (revoke its bearer token)
_tokenStoreService.RevokeCustomerBearerTokens(customerIdValue, refreshToken);
_eventPublisher.Publish(new CustomerLoggedOutEvent(_workContext.CurrentCustomer));
return(true);
}
