public async Task <ActionResult <LogoutDTO> > LogoutAsync([FromServices] ITokenBlacklistService blacklistService)
{
if (authenticationOptions.IsUnsecured)
{
return(StatusCode(StatusCodes.Status404NotFound));
}
var nonce = User.FindFirst(Nonce.Id).Value;
var ticks = Convert.ToInt64(User.FindFirst(JwtRegisteredClaimNames.Exp).Value);
var token = BlacklistedToken.FromUTCTicks(nonce, ticks);
try
{
logger.LogInformation("Blacklisting Token: {@Token}", token);
await blacklistService.Blacklist(token);
}
catch (Exception e)
{
logger.LogError("Failed to logout user. Error:{Error}", e.ToString());
}
return(Ok(new LogoutDTO {
LogoutURI = authenticationOptions.LogoutURI?.AbsoluteUri
}));
}
public void Blacklist(BlacklistedToken token)
{
sync.EnterWriteLock();
try
{
blacklist.Add(token.IdNonce);
}
finally
{
sync.ExitWriteLock();
}
}
public async Task Blacklist(BlacklistedToken token)
{
blacklistCache.Blacklist(token);
using (var cn = new SqlConnection(opts.ConnectionString))
{
await cn.OpenAsync();
await cn.ExecuteAsync(
queryBlacklist,
new { idNonce = token.IdNonce, exp = token.Expires },
commandType : CommandType.StoredProcedure,
commandTimeout : opts.DefaultTimeout
);
}
}
