protected async void OnSignoutButtonClicked(object sender, EventArgs e) { if (authState.RefreshToken == null && authState.AccessToken == null) { return; } var endpoint = await authState.GetRevocationEndpointAsync(); if (endpoint != null) { #if true // Use custom HttpClientHandler for demonstration. (next 4 lines) var handler = new HttpClientHandlerEx(); handler.BeforeRequestAsyncHooks += LogPage.HttpRequestLoggerAsync; handler.AfterResponseAsyncHooks += LogPage.HttpResponseLoggerAsync; var client = new TokenRevocationClient(endpoint, innerHttpMessageHandler: handler); #else // This is normal implementation. var client = new TokenRevocationClient(endpoint); #endif var result = await client.RevokeAsync(new TokenRevocationRequest { Token = authState.RefreshToken ?? authState.AccessToken }); #if true // Google Accounts will return an "invalid_token" error on HTTP 400, not HTTP 200, // in response to a revocation request for a token that has already been revoked. if (result.IsError && result.Error != "invalid_token") { #else // This is normal implementation. if (result.IsError) { #endif #region // Write program to be executed when revoking authorization fails. ShowAuthState(); ResultLabel.Text = StringResources.MsgAuthRevokeNg; #endregion return; } } #region // Program to be executed when revoking authorization succeeds. authState.Reset(); ShowAuthState(); ResultLabel.Text = StringResources.MsgAuthRevokeOk; #endregion }