public async Task <IHttpActionResult> Delete(string tokenId)
{
var hashedTokenId = tokenId.GetHash();
var result = await _refreshTokenManager.RemoveRefreshToken(hashedTokenId);
if (result)
{
return(Ok());
}
return(BadRequest($"Token : '{tokenId}' does not exist."));
}
public async Task ReceiveAsync(AuthenticationTokenReceiveContext context)
{
var allowedOrigin = context.OwinContext.Get <string>(OwinEnvironment.ClientAllowedOriginPropertyName);
if (!context.OwinContext.Response.Headers.ContainsKey("Access-Control-Allow-Origin"))
{
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });
}
var hashedTokenId = context.Token.GetHash();
var refreshToken = await _refreshTokenManager.FindRefreshToken(hashedTokenId);
if (refreshToken != null)
{
context.OwinContext.Set(OwinEnvironment.UserPropertyName, refreshToken.User.Id.ToString());
context.DeserializeTicket(refreshToken.ProtectedTicket);
await _refreshTokenManager.RemoveRefreshToken(hashedTokenId);
}
}
