public async Task <IActionResult> RevokeTokenAsync([FromBody] RevokeTokenDto request) { var token = string.IsNullOrEmpty(request.Token) ? Request.Cookies["refresh-token"] : HttpUtility.UrlDecode(request.Token); var command = RevokeTokenCommand.CreateFromInput(token, CurrentUser); return(Ok(await Mediator.Send(command))); }
public async Task <IActionResult> RevokeToken([FromBody] RevokeTokenRequest model, CancellationToken cancellationToken) { var token = model.Token ?? Request.Cookies["refreshToken"]; var command = new RevokeTokenCommand(token) { Revoker = Account }; await _commandProcessor.SendAsync(command, cancellationToken : cancellationToken); return(Ok()); }
public async Task <IActionResult> RevokeToken(RevokeTokenCommand command) { // accept token from request body or cookie var token = command.Token ?? Request.Cookies["refreshToken"]; if (string.IsNullOrEmpty(token)) { return(BadRequest(new { message = "Token is required" })); } // users can revoke their own tokens and admins can revoke any tokens if (await _authorizationService.OwnsToken(token) && Author.Role != Role.Admin) { return(Unauthorized(new { message = "Unauthorized" })); } command.Token = token; command.IpAddress = IpAddress(); await _mediator.Send(command); return(Ok(new { message = "Token revoked" })); }
public void ConfigureServices(IServiceCollection services) { ILogger logger = InitLogger(services); IMongoDatabase mongodb = InitMongoDb(); ConnectionMultiplexer redisMultiplexer = InitRedis(); IConnection rabbitMqConn = InitRabbitMqConn(); IBusControl massTransitBus = InitMassTransit(); IClientFactory massTransitClientFactory = massTransitBus.CreateClientFactory(); #region Various //ITokenExtractor services.AddTransient(typeof(ITokenExtractor), (serviceProvider) => { return(new TokenExtractor(_rTokenConfig, new SymmetricKeyProvider(_rTokenKeyConfig))); }); #endregion #region Commands //IGenerateRefreshTokenCommand services.AddTransient(typeof(IGenerateRefreshTokenCommand), (serviceProvider) => { IMongoCollection <AccountRTokenInfo> rtokensRepo = mongodb.GetCollection <AccountRTokenInfo>(_accountRTokensCollectionConfig.Name); return(new GenerateRefreshTokenCommand(_rTokenConfig, new SymmetricKeyProvider(_rTokenKeyConfig), new GuidBasedSecretGenerator(), rtokensRepo, logger)); }); //IGenerateShortTokenCommand services.AddTransient(typeof(IGenerateShortTokenCommand), (serviceProvider) => { var revokedTokensRedisCollectionConfigs = new RedisCollectionConfig(_config.GetSection("redis").GetSection("revokedTokensCollection")); RedisCachedRepo <string> revokedTokensRedisRepo = new RedisCachedRepo <string>(redisMultiplexer.GetDatabase(), revokedTokensRedisCollectionConfigs.CollectionName, new DefaultSerializer(), logger); return(new GenerateShortTokenCommand(new TokenExtractor(_rTokenConfig, new SymmetricKeyProvider(_rTokenKeyConfig)), revokedTokensRedisRepo, new SymmetricKeyProvider(_sTokenKeyConfig), new GuidBasedSecretGenerator(), _sTokenConfig, logger)); }); //IRevokeAllTokensForAccountCommand services.AddTransient(typeof(IRevokeAllTokensForAccountCommand), (serviceProvider) => { IMongoCollection <AccountRTokenInfo> rtokensRepo = mongodb.GetCollection <AccountRTokenInfo>(_accountRTokensCollectionConfig.Name); var revokedTokensRedisCollectionConfigs = new RedisCollectionConfig(_config.GetSection("redis").GetSection("revokedTokensCollection")); RedisCachedRepo <string> revokedTokensRedisRepo = new RedisCachedRepo <string>(redisMultiplexer.GetDatabase(), revokedTokensRedisCollectionConfigs.CollectionName, new DefaultSerializer(), logger); var command = new RevokeAllTokensForAccountCommand(rtokensRepo, logger); var exchangeConfigs = new RabbitMqExchangeConfigs(_config.GetSection("rabbitMq").GetSection("refreshTokenRevokedEventExchange")); command.AddSubsciber(new RabbitMqEventPublisher <RefreshTokenRevokedEvent>( new RabbitMqProducer <RefreshTokenRevokedEvent>(rabbitMqConn, exchangeConfigs, logger), logger)); command.AddSubsciber(new RevokedTokenRedisCacher(revokedTokensRedisRepo, logger)); return(command); }); //IRevokeTokenCommand services.AddTransient(typeof(IRevokeTokenCommand), (serviceProvider) => { IMongoCollection <AccountRTokenInfo> rtokensRepo = mongodb.GetCollection <AccountRTokenInfo>(_accountRTokensCollectionConfig.Name); var revokedTokensRedisCollectionConfigs = new RedisCollectionConfig(_config.GetSection("redis").GetSection("revokedTokensCollection")); RedisCachedRepo <string> revokedTokensRedisRepo = new RedisCachedRepo <string>(redisMultiplexer.GetDatabase(), revokedTokensRedisCollectionConfigs.CollectionName, new DefaultSerializer(), logger); var command = new RevokeTokenCommand(rtokensRepo, logger); var exchangeConfigs = new RabbitMqExchangeConfigs(_config.GetSection("rabbitMq").GetSection("refreshTokenRevokedEventExchange")); command.AddSubsciber(new RabbitMqEventPublisher <RefreshTokenRevokedEvent>( new RabbitMqProducer <RefreshTokenRevokedEvent>(rabbitMqConn, exchangeConfigs, logger), logger)); command.AddSubsciber(new RevokedTokenRedisCacher(revokedTokensRedisRepo, logger)); return(command); }); #endregion #region Queries //IGetAllTokensForAccountQuery services.AddTransient(typeof(IGetAllTokensForAccountQuery), (serviceProvider) => { IMongoCollection <AccountRTokenInfo> rtokensRepo = mongodb.GetCollection <AccountRTokenInfo>(_accountRTokensCollectionConfig.Name); return(new GetAllTokensForAccountQuery(rtokensRepo, logger)); }); #endregion #region MassTransit services.AddTransient(typeof(IRequestClient <UserClaimsRequest>), (serviceProvider) => { var massTransitChannelName = _config.GetSection("rabbitMq").GetSection("getUserClaimsMassTransitChannel")["Name"]; var requestClient = massTransitClientFactory.CreateRequestClient <UserClaimsMQRequest>(new Uri($"rabbitmq://{_rabbitmqConfigs.Host}/{massTransitChannelName}")); return(requestClient); }); services.AddTransient(typeof(IRequestClient <AuthValidationRequest>), (serviceProvider) => { var massTransitChannelName = _config.GetSection("rabbitMq").GetSection("validateCredentialsMassTransitChannel")["Name"]; var requestClient = massTransitClientFactory.CreateRequestClient <AuthValidationMQRequest>(new Uri($"rabbitmq://{_rabbitmqConfigs.Host}/{massTransitChannelName}")); return(requestClient); }); #endregion #region Mvc Framework var mvcBuilder = services.AddMvc(); MvcConfigProvider mvcConfigProvider = new MvcConfigProvider(); mvcBuilder.AddMvcOptions(mvcConfigProvider.GetMvcOptionsConfigurer()) .AddJsonOptions(mvcConfigProvider.GetJsonOptionsConfigurer()); services.AddSession(); #endregion }
public async Task <IActionResult> RevokeToken(RevokeTokenCommand command) { await _mediator.Send(command); return(Ok()); }
public async Task <IActionResult> RevokeToken([FromBody] RevokeTokenCommand request) { await Mediator.Send(request); return(NoContent()); }