コード例 #1
ファイル: AuthController.cs プロジェクト: EdShel/ESportRaise
        /// <summary>
        /// Revokes a refresh token for the current principal by delegating to the auth service.
        /// </summary>
        /// <param name="request">Request body carrying the refresh token to revoke.</param>
        /// <returns>An empty OK result once the service call has completed.</returns>
        /// <remarks>
        /// The user name passed to the service is read from the request's principal and is
        /// not taken from the request body.
        /// </remarks>
        public async Task<ActionResult> RevokeTokenAsync([FromBody] TokenRevokeRequest request)
        {
            var refreshToken = request.RefreshToken;

            // NOTE(review): no authorization attribute is visible in this excerpt. Confirm the
            // action only runs for authenticated callers, since Identity.Name is null for an
            // anonymous principal.
            var userName = User.Identity.Name;

            var revocation = new TokenRevokeDTO
            {
                RefreshToken = refreshToken,
                UserName = userName
            };

            // NOTE(review): presumably the service verifies that the refresh token belongs to
            // this user before revoking it; that check is not visible here.
            await authService.RevokeTokenAsync(revocation);
            return Ok();
        }
コード例 #2
        /// <summary>
        /// Deletes an access token after checking that the caller is an admin and belongs to
        /// the same organization as the referenced integration client.
        /// </summary>
        /// <param name="request">Carries the caller id, the integration client uid and the token value.</param>
        /// <returns>
        /// A response marked invalid when a check fails, successful when the repository reports
        /// the delete, and failed otherwise.
        /// </returns>
        public async Task<TokenRevokeResponse> RevokeToken(TokenRevokeRequest request)
        {
            var outcome = new TokenRevokeResponse();

            // Authorization step 1: only admins may revoke.
            // NOTE(review): a null return from the cache would throw on the next line; confirm
            // GetCachedCurrentUser never returns null for an unknown id.
            var caller = _cacheManager.GetCachedCurrentUser(request.CurrentUserId);
            if (!caller.IsAdmin)
            {
                outcome.SetInvalid();
                return outcome;
            }

            var client = await _integrationClientRepository.Select(x => x.Uid == request.IntegrationClientUid);
            if (client.IsNotExist())
            {
                // This message is set before the organization check below, so an admin of a
                // different organization gets a different response for "unknown uid" than for
                // "uid exists elsewhere".
                outcome.SetInvalid();
                outcome.ErrorMessages.Add("integration_client_not_found");
                return outcome;
            }

            // Authorization step 2: the client must belong to the caller's organization.
            if (client.OrganizationId != caller.OrganizationId)
            {
                outcome.SetInvalid();
                return outcome;
            }

            // NOTE(review): the token is looked up by its value alone. Nothing visible here ties
            // it to the integration client verified above or to the caller's organization.
            // Confirm that the repository's Delete enforces ownership; otherwise also check
            // that the token belongs to that client before deleting.
            var storedToken = await _tokenRepository.Select(x => x.AccessToken == request.Token);
            if (storedToken.IsNotExist())
            {
                outcome.SetInvalid();
                outcome.ErrorMessages.Add("token_not_found");
                return outcome;
            }

            var deleted = await _tokenRepository.Delete(request.CurrentUserId, storedToken.Id);
            if (deleted)
            {
                outcome.Status = ResponseStatus.Success;
            }
            else
            {
                outcome.SetFailed();
            }

            return outcome;
        }
コード例 #3
        /// <summary>
        /// Asks the integration service to revoke a token of an integration client and
        /// returns the resulting status as JSON.
        /// </summary>
        /// <param name="tokenUid">Identifier of the token to revoke; an empty Guid is rejected.</param>
        /// <param name="clientUid">Identifier of the integration client; an empty Guid is rejected.</param>
        /// <returns>
        /// The access-denied redirect when an identifier is empty or the service does not
        /// report success; otherwise a JSON result holding the response status.
        /// </returns>
        public async Task<IActionResult> Revoke(Guid tokenUid, Guid clientUid)
        {
            // NOTE(review): the attributes of this action are not shown in this excerpt. It
            // changes state, so confirm it is restricted to POST and covered by antiforgery
            // validation.
            var hasMissingId = tokenUid.IsEmptyGuid() || clientUid.IsEmptyGuid();
            if (hasMissingId)
            {
                return RedirectToAccessDenied();
            }

            // The caller id is taken from CurrentUser rather than from an action parameter.
            var revokeRequest = new TokenRevokeRequest(CurrentUser.Id, tokenUid, clientUid);
            var revokeResult = await _integrationService.RevokeToken(revokeRequest);

            // Every non-success outcome maps to the same redirect, so the failure reason is
            // not passed on to the client.
            if (revokeResult.Status.IsNotSuccess)
            {
                return RedirectToAccessDenied();
            }

            CurrentUser.IsActionSucceed = true;
            return Json(revokeResult.Status);
        }