public async Task remove_sessions_should_delete_refresh_tokens()
{
await _pipeline.LoginAsync("alice");
var authzResponse = await _pipeline.RequestAuthorizationEndpointAsync("client", "code", "openid api offline_access", "https://client/callback");
var tokenResponse = await _pipeline.BackChannelClient.RequestAuthorizationCodeTokenAsync(new AuthorizationCodeTokenRequest
{
Address = IdentityServerPipeline.TokenEndpoint,
ClientId = "client",
Code = authzResponse.Code,
RedirectUri = "https://client/callback"
});
(await _grantStore.GetAllAsync(new PersistedGrantFilter {
SubjectId = "alice"
})).Should().NotBeEmpty();
await _sessionMgmt.RemoveSessionsAsync(new RemoveSessionsContext
{
SubjectId = "alice",
RemoveServerSideSession = false,
RevokeConsents = false,
RevokeTokens = true,
SendBackchannelLogoutNotification = false
});
(await _grantStore.GetAllAsync(new PersistedGrantFilter {
SubjectId = "alice"
})).Should().BeEmpty();
}
public async Task <IActionResult> OnPost()
{
await _sessionManagementService.RemoveSessionsAsync(new RemoveSessionsContext {
SessionId = SessionId,
});
return(RedirectToPage("/ServerSideSessions/Index", new { Token, Filter, Prev }));
}
