private async Task <bool> TryRevokeAuthorizationAsync([NotNull] AuthenticationTicket ticket)
        {
            // Note: if the authorization identifier or the authorization itself
            // cannot be found, return true as the authorization doesn't need
            // to be revoked if it doesn't exist or is already invalid.
            var identifier = ticket.GetProperty(OpenIddictConstants.Properties.AuthorizationId);

            if (string.IsNullOrEmpty(identifier))
            {
                return(true);
            }

            var authorization = await Authorizations.FindByIdAsync(identifier);

            if (authorization == null)
            {
                return(true);
            }

            try
            {
                // Note: the request cancellation token is deliberately not used here to ensure the caller
                // cannot prevent this operation from being executed by resetting the TCP connection.
                await Authorizations.RevokeAsync(authorization);

                Logger.LogInformation("The authorization '{Identifier}' was automatically revoked.", identifier);

                return(true);
            }

            catch (Exception exception)
            {
                Logger.LogDebug(exception, "An exception occurred while trying to revoke the authorization " +
                                "associated with the token '{Identifier}'.", identifier);

                return(false);
            }
        }
예제 #2
0
        private async Task <bool> TryRevokeAuthorizationAsync([NotNull] AuthenticationTicket ticket, [NotNull] HttpContext context)
        {
            // Note: if the authorization identifier or the authorization itself
            // cannot be found, return true as the authorization doesn't need
            // to be revoked if it doesn't exist or is already invalid.
            var identifier = ticket.GetProperty(OpenIddictConstants.Properties.AuthorizationId);

            if (string.IsNullOrEmpty(identifier))
            {
                return(true);
            }

            var authorization = await Authorizations.FindByIdAsync(identifier, context.RequestAborted);

            if (authorization == null)
            {
                return(true);
            }

            try
            {
                await Authorizations.RevokeAsync(authorization, context.RequestAborted);

                Logger.LogInformation("The authorization '{Identifier}' was automatically revoked.", identifier);

                return(true);
            }

            catch (Exception exception)
            {
                Logger.LogWarning(exception, "An exception occurred while trying to revoke the authorization " +
                                  "associated with the token '{Identifier}'.", identifier);

                return(false);
            }
        }