public async Task RemoveAllAsync(string subjectId, string clientId) { try { if (string.IsNullOrWhiteSpace(subjectId) || string.IsNullOrWhiteSpace(clientId)) { throw new ArgumentNullException( "subject Id and/or client Id is empty or white space"); } await _inner.RemoveAllAsync(subjectId, clientId); bool result = await _setFallBackPolicy .ExecuteAsync(async() => { await Task.Run(() => { _handle.cache.SearchService.RemoveByTags( Utilities .CreateCachePersistedGrantStoreTags( subjectId, clientId), TagSearchOptions.ByAllTags); }).ConfigureAwait(false); return(true); }).ConfigureAwait(false); if (result) { if (_debugLoggingEnabled) { _logger.LogDebug($"Persisted grants with subject id " + $"{subjectId} and client id {clientId} " + $"successfully removed"); } } else { if (_errorLoggingEnabled) { _logger.LogDebug( $"Caching problems with persistant store cache"); } } } catch (Exception ex) { if (_errorLoggingEnabled) { _logger.LogError( ex, $"something went wrong with RemoveAllAsync " + $"for {subjectId}, {clientId}"); } throw; } }
public async Task <IActionResult> OnPostAsync(string logoutId = null, string returnUrl = null) { if (logoutId == null) { logoutId = await _interaction.CreateLogoutContextAsync(); } LogoutRequest logoutContext = await _interaction.GetLogoutContextAsync(logoutId); AutomaticRedirectAfterSignOut = true; PostLogoutRedirectUri = logoutContext?.PostLogoutRedirectUri; ClientName = string.IsNullOrEmpty(logoutContext?.ClientName) ? logoutContext?.ClientId : logoutContext?.ClientName; SignOutIframeUrl = logoutContext?.SignOutIFrameUrl; // delete the local authentication cookie await _signInManager.SignOutAsync(); try { // delete reference tokens var subjectId = HttpContext.User.Identity.GetSubjectId(); await _persistedGrantStore.RemoveAllAsync(subjectId, "mvc_hybrid", "reference_token"); await _persistedGrantStore.RemoveAllAsync(subjectId, "js", "reference_token"); await _persistedGrantStore.RemoveAllAsync(subjectId, "react", "reference_token"); // raise the logout event await _events.RaiseAsync(new UserLogoutSuccessEvent(User.GetSubjectId(), User.GetDisplayName())); _logger.LogInformation("User logged out."); // set this so UI rendering sees an anonymous user HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity()); } catch (InvalidOperationException ioe) { if (ioe.Message == "sub claim is missing") { _logger.LogWarning("Logged out user attempting to log out"); } else { throw; } } catch (Exception e) { _logger.LogError("Error while attempting to log user out.", e); } return(Page()); }
public async Task RemoveAllAsync_Should_RemoveAll_PeristedGrants_For_A_Given_Subject_And_ClientId() { //Arrange var persistedGrantsWithTestSubjectX = await _persistedGrantStore.GetAllAsync(new PersistedGrantFilter() { SubjectId = "TestSubject-X" }); var persistedGrantsWithTestSubjectXBeforeLength = persistedGrantsWithTestSubjectX.ToArray().Length; //Act await _persistedGrantStore.RemoveAllAsync(new PersistedGrantFilter() { SubjectId = "TestSubject-X", ClientId = "TestClientId-X" }); //Assert persistedGrantsWithTestSubjectXBeforeLength.ShouldBe(2); var persistedGrants = (await _persistedGrantStore.GetAllAsync(new PersistedGrantFilter() { SubjectId = "TestClientId-37" })).ToArray(); persistedGrants.ShouldNotBe(null); persistedGrants.Length.ShouldBe(0); }
public async Task Store_Grants_And_Remove_them() { for (int i = 0; i < 5; i++) { var key = Guid.NewGuid().ToString("N"); var grant = new IdentityServer4.Models.PersistedGrant { Key = key, Expiration = DateTime.UtcNow.AddDays(1), Type = "test", ClientId = $"client{i}", SubjectId = "sub1", SessionId = "session1", CreationTime = DateTime.UtcNow, Description = "des", Data = "bla bla", ConsumedTime = DateTime.UtcNow }; await persistedGrantStore.StoreAsync(grant); } await persistedGrantStore.RemoveAllAsync(new PersistedGrantFilter { SubjectId = "sub1" }); var items = await persistedGrantStore.GetAllAsync(new PersistedGrantFilter { SubjectId = "sub1" }); items.Should().BeEmpty(); }
/// <inheritdoc/> public virtual async Task ProcessLogoutAsync(UserSession session) { if (session.ClientIds.Count > 0) { var clientsToCoordinate = new List <string>(); foreach (var clientId in session.ClientIds) { var client = await ClientStore.FindClientByIdAsync(clientId); // i don't think we care if it's an enabled client at this point if (client != null) { var shouldCoordinate = client.CoordinateLifetimeWithUserSession == true || (Options.Authentication.CoordinateClientLifetimesWithUserSession && client.CoordinateLifetimeWithUserSession != false); if (shouldCoordinate) { clientsToCoordinate.Add(clientId); } } } if (clientsToCoordinate.Count > 0) { Logger.LogDebug("Due to user logout, removing tokens for subject id {subjectId} and session id {sessionId}", session.SubjectId, session.SessionId); await PersistedGrantStore.RemoveAllAsync(new PersistedGrantFilter { SubjectId = session.SubjectId, SessionId = session.SessionId, ClientIds = clientsToCoordinate, Types = PersistedGrantTokenTypes }); } Logger.LogDebug("Due to user logout, invoking backchannel logout for subject id {subjectId} and session id {sessionId}", session.SubjectId, session.SessionId); // this uses all the clientIds since that's how logout worked before session coorindation existed // IOW, we know we're not using the clientsToCoordinate list here, also because it's active logout await BackChannelLogoutService.SendLogoutNotificationsAsync(new LogoutNotificationContext { SubjectId = session.SubjectId, SessionId = session.SessionId, ClientIds = session.ClientIds }); } }
public void PersistedGrantStore() { IPersistedGrantStore store = Fixture.GetService <IPersistedGrantStore>(); Client client = CreateClient(); Provider.AddClientAsync(client).Wait(); PersistedGrant grant1 = CreateGrant(client.ClientId, "aaa", "t1"); PersistedGrant grant2 = CreateGrant(client.ClientId, "aaa"); PersistedGrant grant3 = CreateGrant(client.ClientId, "aaa"); PersistedGrant grant4 = CreateGrant(client.ClientId); PersistedGrant grant5 = CreateGrant(client.ClientId); store.StoreAsync(grant1).Wait(); store.StoreAsync(grant2).Wait(); store.StoreAsync(grant3).Wait(); store.StoreAsync(grant4).Wait(); store.StoreAsync(grant5).Wait(); List <PersistedGrant> results = store.GetAllAsync("aaa").Result?.ToList(); Assert.Equal(3, results.Count); store.RemoveAllAsync("aaa", grant1.ClientId, "t1").Wait(); results = store.GetAllAsync("aaa").Result?.ToList(); Assert.Equal(2, results.Count); store.RemoveAllAsync("aaa", grant1.ClientId).Wait(); results = store.GetAllAsync("aaa").Result?.ToList(); Assert.Empty(results); PersistedGrant result = store.GetAsync(grant5.Key).Result; Assert.NotNull(result); store.RemoveAsync(grant5.Key); result = store.GetAsync(grant5.Key).Result; Assert.Null(result); }
public async Task RemoveAllAsync_WhenSubIdAndClientIdOfExistingReceived_ExpectGrantDeleted() { // Arrange var persistedGrant = UniquePersistedGrant; // Act await _persistedGrantStore.StoreAsync(persistedGrant); var foundPersistedGrant = await _persistedGrantStore.GetAsync(persistedGrant.Key); Assert.IsNotNull(foundPersistedGrant); await _persistedGrantStore.RemoveAllAsync(persistedGrant.SubjectId, persistedGrant.ClientId); foundPersistedGrant = await _persistedGrantStore.GetAsync(persistedGrant.Key); // Assert Assert.IsNull(foundPersistedGrant); }
/// <inheritdoc/> public Task RemoveAllGrantsAsync(string subjectId, string clientId = null, string sessionId = null) { if (String.IsNullOrWhiteSpace(subjectId)) { throw new ArgumentNullException(nameof(subjectId)); } return(_store.RemoveAllAsync(new PersistedGrantFilter { SubjectId = subjectId, ClientId = clientId, SessionId = sessionId })); }
/// <inheritdoc/> public Task RemoveAllGrantsAsync(string subjectId, string clientId = null, string sessionId = null) { using var activity = Tracing.ServiceActivitySource.StartActivity("DefaultPersistedGrantService.RemoveAllGrants"); if (String.IsNullOrWhiteSpace(subjectId)) { throw new ArgumentNullException(nameof(subjectId)); } return(_store.RemoveAllAsync(new PersistedGrantFilter { SubjectId = subjectId, ClientId = clientId, SessionId = sessionId })); }
public async Task RevokeTokensAsync(string subjectId, string clientId) { await _persistedGrantStore.RemoveAllAsync(subjectId, clientId); var user = await _userManager.FindByIdAsync(subjectId); if (user == null) { throw new InvalidOperationException($"Could not find user with the specified id. User id: {subjectId}"); } user.TokenRevokedDate = DateTimeOffset.UtcNow; await _userManager.UpdateAsync(user); }
/// <inheritdoc/> public async Task RemoveSessionsAsync(RemoveSessionsContext context, CancellationToken cancellationToken = default) { if (context.RevokeTokens || context.RevokeConsents) { // delete the tokens var grantFilter = new PersistedGrantFilter { SubjectId = context.SubjectId, SessionId = context.SessionId, }; if (context.ClientIds != null) { grantFilter.ClientIds = context.ClientIds; } if (!context.RevokeTokens || !context.RevokeConsents) { if (context.RevokeConsents) { grantFilter.Type = IdentityServerConstants.PersistedGrantTypes.UserConsent; } else { grantFilter.Types = OnlyTokenTypes; } } await _persistedGrantStore.RemoveAllAsync(grantFilter); } // send back channel SLO if (context.SendBackchannelLogoutNotification) { // we might have more than one, so load them all var sessions = await _serverSideTicketService.GetSessionsAsync( new SessionFilter { SubjectId = context.SubjectId, SessionId = context.SessionId, }, cancellationToken); foreach (var session in sessions) { await _backChannelLogoutService.SendLogoutNotificationsAsync(new LogoutNotificationContext { SubjectId = session.SubjectId, SessionId = session.SessionId, Issuer = session.Issuer, ClientIds = session.ClientIds.Where(x => context.ClientIds == null || context.ClientIds.Contains(x)) }); } } if (context.RemoveServerSideSession) { // delete the cookies await _serverSideSessionStore.DeleteSessionsAsync(new SessionFilter { SubjectId = context.SubjectId, SessionId = context.SessionId, }, cancellationToken); } }
public Task RemoveAllAsync(PersistedGrantFilter filter) { return(_innerPersistedGrantStore.RemoveAllAsync(filter)); }
public async Task remove_all_subjectid_clientid() { _currentRemoveAllEntity = _currentManyEntities[0]; await _persistedGrantStore.RemoveAllAsync(_currentRemoveAllEntity.SubjectId, _currentRemoveAllEntity.ClientId); }
/// <summary> /// Removes all grants for a given subject id and client id combination. /// </summary> /// <param name="subjectId">The subject identifier.</param> /// <param name="clientId">The client identifier.</param> /// <returns></returns> public Task RemoveAllGrantsAsync(string subjectId, string clientId) { return(_store.RemoveAllAsync(subjectId, clientId)); }
public Task RemoveAllAsync(string subjectId, string clientId) { return(_inMemoryPersistedGrantStore.RemoveAllAsync(subjectId, clientId)); }
/// <summary> /// Removes all items for a subject id / cliend id combination. /// </summary> /// <param name="subjectId">The subject identifier.</param> /// <param name="clientId">The client identifier.</param> /// <returns></returns> protected async Task RemoveAllAsync(string subjectId, string clientId) { await _store.RemoveAllAsync(subjectId, clientId, _grantType); }
public Task RemoveReferenceTokensAsync(string subjectId, string clientId) { return(_store.RemoveAllAsync(subjectId, clientId, Constants.PersistedGrantTypes.ReferenceToken)); }
public Task RemoveAllAsync(string subjectId, string clientId) { return(_persistedGrantStoreImplementation.RemoveAllAsync(subjectId, clientId)); }