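/// <summary>
/// Ends the caller's token session: removes the (client_id, preferred_username) entry from
/// <see cref="StaticData.AccessToken"/> and reports a "valid result" code.
/// </summary>
/// <returns>
/// A JSON <see cref="ApiResponse{T}"/> whose <c>Message</c> is the numeric
/// <see cref="RuleExceptionCodeCommon.ValidResult"/> code, or the code produced by
/// <see cref="BusinessRuleHelper.GetExceptionCode"/> when the removal throws (the exception is logged).
/// </returns>
public IHttpActionResult SignOut()
{
    try
    {
        var caller = User as ClaimsPrincipal;
        var userName = caller?.Claims.FirstOrDefault(x => x.Type == "preferred_username")?.Value;
        var client = caller?.Claims.FirstOrDefault(x => x.Type == "client_id")?.Value;

        // Key normalisation must match IsAuthorized, which lower-cases both parts of the key.
        // Without it the session entry is never found here and the token stays valid after sign-out.
        var session = new AccessTokenSession
        {
            ClientId = client?.ToLower(),
            userId = userName?.ToLower(),
        };

        // Single call instead of ContainsKey + Remove; assumes a dictionary-style Remove that
        // reports false for a missing key rather than throwing.
        StaticData.AccessToken.Remove(session);

        var res = new ApiResponse<object>
        {
            Message = ((int)RuleExceptionCodeCommon.ValidResult).ToString(),
        };
        return Json(res);
    }
    catch (Exception ex)
    {
        Logger.ErrorException(ex.Message, ex);
        var res = new ApiResponse<object>
        {
            Message = BusinessRuleHelper.GetExceptionCode(ex).ToString(),
        };
        return Json(res);
    }
}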
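/// <summary>
/// Authorizes a request only when the caller is an authenticated principal carrying
/// email, preferred_username and client_id claims, the current <c>user</c> has status
/// <see cref="UserStatus.Active"/>, and the bearer token in the Authorization header equals
/// the token registered in <see cref="StaticData.AccessToken"/> for the
/// (client_id, preferred_username) session.
/// </summary>
/// <param name="actionContext">The Web API action context of the incoming request.</param>
/// <returns>
/// <c>true</c> when every check passes; <c>false</c> otherwise, including when any check
/// throws (the exception is logged and treated as a denial).
/// </returns>
protected override bool IsAuthorized(HttpActionContext actionContext)
{
    try
    {
        var principal = actionContext.RequestContext.Principal as ClaimsPrincipal;
        var email = principal?.Claims.FirstOrDefault(x => x.Type == ClaimTypes.Email)?.Value;
        var userName = principal?.Claims.FirstOrDefault(x => x.Type == "preferred_username")?.Value;
        var client = principal?.Claims.FirstOrDefault(x => x.Type == "client_id")?.Value;

        // Result unused; kept only because ParseEnum may throw on an unparseable client_id,
        // which the catch below turns into a denial — TODO confirm and drop if it cannot throw.
        var application = client.ParseEnum(Applications.UnKnown);

        // NOTE(review): the per-request lookup
        //   user = UserManagementProvider.GetUsersByFilter(null).FirstOrDefault(x => x.UserName == userName);
        // is commented out in the original, so `user` is whatever the class has in scope.
        // If it is never populated, isActive stays 0 and every request is denied — confirm.
        var isActive = user?.Status ?? 0;

        // Both key parts are lower-cased; the side that registers tokens must normalise the same way.
        var session = new AccessTokenSession
        {
            ClientId = client?.ToLower(),
            userId = userName?.ToLower(),
        };

        // Identity-level checks first: cheap, and a missing Identity is a denial rather than an exception.
        var isAuthenticated = principal?.Identity?.IsAuthenticated == true;
        if (!isAuthenticated || email.IsNullOrEmpty() || userName.IsNullOrEmpty() || isActive != UserStatus.Active)
        {
            return false;
        }

        // Null-safe header access: a missing or parameter-less Authorization header is a plain denial.
        var presentedToken = actionContext.Request?.Headers?.Authorization?.Parameter;
        if (presentedToken == null)
        {
            return false;
        }

        // One lookup instead of ContainsKey + indexer. The comparison is ordinal but not
        // constant-time; a fixed-time compare is preferable where the target runtime offers one.
        string registeredToken;
        return StaticData.AccessToken.TryGetValue(session, out registeredToken)
            && string.Equals(registeredToken, presentedToken, StringComparison.Ordinal);
    }
    catch (Exception ex)
    {
        Logger.ErrorException(ex.Message, ex);
        return false;
    }
}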