public async Task<IHttpActionResult> RevokePermission(RevokeClientPermission model) { if (options.Endpoints.ClientPermissionsEndpoint.IsEnabled == false) { return NotFound(); } if (User == null || User.Identity == null || User.Identity.IsAuthenticated == false) { return RedirectToLogin(); } if (model == null || ModelState.IsValid == false) { var error = ModelState.Where(x => x.Value.Errors.Any()).Select(x => x.Value.Errors.First().ErrorMessage).First(); return await RenderPermissionsPage(error); } await this.clientPermissionsService.RevokeClientPermissionsAsync(User.GetSubjectId(), model.ClientId); return RedirectToRoute(Constants.RouteNames.ClientPermissions, null); }
public async Task<IHttpActionResult> RevokePermission(RevokeClientPermission model) { Logger.Info("Revoke permissions requested"); if (!options.Endpoints.EnableClientPermissionsEndpoint) { Logger.Error("Permissions page disabled, returning 404"); eventService.RaiseFailureEndpointEvent(EventConstants.EndpointNames.ClientPermissions, "endpoint disabled"); return NotFound(); } if (User == null || User.Identity == null || User.Identity.IsAuthenticated == false) { Logger.Info("User not authenticated, redirecting to login"); return RedirectToLogin(); } if (model != null && String.IsNullOrWhiteSpace(model.ClientId)) { Logger.Warn("No model or client id submitted"); ModelState.AddModelError("ClientId", localizationService.GetMessage(MessageIds.ClientIdRequired)); } if (model == null || ModelState.IsValid == false) { var error = ModelState.Where(x => x.Value.Errors.Any()).Select(x => x.Value.Errors.First().ErrorMessage).First(); Logger.WarnFormat("Rendering error: {0}", error); return await RenderPermissionsPage(error); } Logger.InfoFormat("Revoking permissions for sub: {0}, name: {1}, clientID: {2}", User.GetSubjectId(), User.Identity.Name, model.ClientId); await this.clientPermissionsService.RevokeClientPermissionsAsync(User.GetSubjectId(), model.ClientId); eventService.RaiseClientPermissionsRevokedEvent(User as ClaimsPrincipal, model.ClientId); Logger.Info("Redirecting back to permissions page"); return RedirectToRoute(Constants.RouteNames.ClientPermissions, null); }