/// <inheritdoc/>
public async Task RevokeSessionsAsync(UserSessionsFilter filter, CancellationToken cancellationToken = default)
{
if (_options.BackchannelLogoutAllUserSessions)
{
filter.SessionId = null;
}
if (_options.RevokeRefreshTokenOnLogout)
{
var tickets = await _ticketStore.GetUserTicketsAsync(filter);
if (tickets?.Any() == true)
{
foreach (var ticket in tickets)
{
var refreshToken = ticket.Properties.GetTokenValue("refresh_token");
if (!String.IsNullOrWhiteSpace(refreshToken))
{
var response = await _tokenEndpoint.RevokeRefreshTokenAsync(refreshToken);
if (response.IsError)
{
_logger.LogError("Error revoking refresh token: {error} for subject id: {sub} and session id: {sid}", response.Error, ticket.GetSubjectId(), ticket.GetSessionId());
}
else
{
_logger.LogDebug("Refresh token revoked successfully for subject id: {sub} and session id: {sid}", ticket.GetSubjectId(), ticket.GetSessionId());
}
}
}
}
}
await _sessionStore.DeleteUserSessionsAsync(filter);
}
/// <inheritdoc />
public Task <IEnumerable <UserSession> > GetUserSessionsAsync(UserSessionsFilter filter)
{
filter.Validate();
var query = _store.Values.AsQueryable();
if (!String.IsNullOrWhiteSpace(filter.SubjectId))
{
query = query.Where(x => x.SubjectId == filter.SubjectId);
}
if (!String.IsNullOrWhiteSpace(filter.SessionId))
{
query = query.Where(x => x.SessionId == filter.SessionId);
}
var results = query.Select(x => x.Clone()).ToArray().AsEnumerable();
return(Task.FromResult(results));
}
/// <inheritdoc />
public Task DeleteUserSessionsAsync(UserSessionsFilter filter)
{
filter.Validate();
var query = _store.Values.AsQueryable();
if (!String.IsNullOrWhiteSpace(filter.SubjectId))
{
query = query.Where(x => x.SubjectId == filter.SubjectId);
}
if (!String.IsNullOrWhiteSpace(filter.SessionId))
{
query = query.Where(x => x.SessionId == filter.SessionId);
}
var keys = query.Select(x => x.Key).ToArray();
foreach (var key in keys)
{
_store.TryRemove(key, out _);
}
return(Task.CompletedTask);
}
/// <inheritdoc />
public Task DeleteUserSessionsAsync(UserSessionsFilter filter)
{
_logger.LogDebug("Nop implementation of session revocation for sub: {sub}, and sid: {sid}. Implement ISessionRevocationService to provide your own implementation.", filter.SubjectId, filter.SessionId);
return(Task.CompletedTask);
}
/// <inheritdoc />
public async Task <IReadOnlyCollection <AuthenticationTicket> > GetUserTicketsAsync(UserSessionsFilter filter, CancellationToken cancellationToken)
{
var list = new List <AuthenticationTicket>();
var sessions = await _store.GetUserSessionsAsync(filter, cancellationToken);
foreach (var session in sessions)
{
var ticket = session.Deserialize(_protector, _logger);
if (ticket != null)
{
list.Add(ticket);
}
else
{
// if we failed to get a ticket, then remove DB record
_logger.LogWarning("Failed to deserialize authentication ticket from store, deleting record for key {key}", session.Key);
await RemoveAsync(session.Key);
}
}
return(list);
}