public async Task <IActionResult> PostRevoke(
[FromForm] RevocationRequest revocationRequest,
CancellationToken cancellationToken)
{
// 1. Fetch the authorization header
AuthenticationHeaderValue?authenticationHeaderValue = null;
if (Request.Headers.TryGetValue(HeaderNames.Authorization, out var authorizationHeader))
{
var authorizationHeaderValue = authorizationHeader.First();
var splittedAuthorizationHeaderValue = authorizationHeaderValue.Split(' ');
if (splittedAuthorizationHeaderValue.Length == 2)
{
authenticationHeaderValue = new AuthenticationHeaderValue(
splittedAuthorizationHeaderValue[0],
splittedAuthorizationHeaderValue[1]);
}
}
// 2. Revoke the token
var issuerName = Request.GetAbsoluteUriWithVirtualPath();
var option = await _tokenActions.RevokeToken(
revocationRequest.ToParameter(),
authenticationHeaderValue,
Request.GetCertificate(),
issuerName,
cancellationToken)
.ConfigureAwait(false);
return(option switch
{
Option.Success => new OkResult(),
Option.Error e => BadRequest(e.Details),
_ => throw new ArgumentOutOfRangeException()
});
public async Task <TokenRawResult> PostRevocationAsync()
{
/*
* TokenTypHint: [refresh_token,subject,access_token]
*/
var arbResourceOwnerResult = await PostRefreshAsync();
var revocationRequest = new RevocationRequest()
{
Token = arbResourceOwnerResult.TokenResult.Response.RefreshToken,
ClientId = "arbitrary-resource-owner-client",
TokenTypHint = "refresh_token",
RevokeAllSubjects = "true"
};
var revocationResult = await _tokenEndpointHandlerExtra.ProcessRawAsync(revocationRequest);
var refreshTokenRequest = new RefreshTokenRequest()
{
RefreshToken = arbResourceOwnerResult.TokenResult.Response.RefreshToken,
ClientId = "arbitrary-resource-owner-client"
};
arbResourceOwnerResult = await _tokenEndpointHandlerExtra.ProcessRawAsync(refreshTokenRequest);
return(arbResourceOwnerResult);
}
public static RevokeTokenParameter ToParameter(this RevocationRequest revocationRequest)
{
return(new RevokeTokenParameter
{
ClientAssertion = revocationRequest.ClientAssertion,
ClientAssertionType = revocationRequest.ClientAssertionType,
ClientId = revocationRequest.ClientId,
ClientSecret = revocationRequest.ClientSecret,
Token = revocationRequest.Token,
TokenTypeHint = revocationRequest.TokenTypeHint
});
}
public static RevokeTokenParameter ToParameter(this RevocationRequest revocationRequest)
{
return(new()
{
ClientAssertion = revocationRequest.client_assertion,
ClientAssertionType = revocationRequest.client_assertion_type,
ClientId = revocationRequest.client_id,
ClientSecret = revocationRequest.client_secret,
Token = revocationRequest.token,
TokenTypeHint = revocationRequest.token_type_hint
});
}
public void TestRevocationReqToJsonNullID()
{
try
{
RevocationRequest testRevocationReq = new RevocationRequest(revCAName, null, revSerialNmbr, revAKI, revReason);
testRevocationReq.Serial = revSerialNmbr;
testRevocationReq.Aki = revAKI + "000";
testRevocationReq.Reason = revReason + "update";
Assert.IsTrue(testRevocationReq.ToJson().Contains(revSerialNmbr));
}
catch (System.Exception e)
{
Assert.Fail($"Unexpected Exception {e.Message}");
}
}
public void TestNewInstance()
{
try
{
RevocationRequest testRevocationReq = new RevocationRequest(revCAName, revEnrollmentID, revSerialNmbr, revAKI, revReason, revGenCRL);
Assert.AreEqual(testRevocationReq.User, revEnrollmentID);
Assert.AreEqual(testRevocationReq.Serial, revSerialNmbr);
Assert.AreEqual(testRevocationReq.Aki, revAKI);
Assert.AreEqual(testRevocationReq.Reason, revReason);
Assert.AreEqual(testRevocationReq.GenCRL, revGenCRL);
}
catch (System.Exception e)
{
Assert.Fail($"Unexpected Exception {e.Message}");
}
}
public void TestRevocationReqSetGet()
{
try
{
RevocationRequest testRevocationReq = new RevocationRequest(revCAName, revEnrollmentID, revSerialNmbr, revAKI, revReason);
testRevocationReq.User = revEnrollmentID + "update";
testRevocationReq.Serial = revSerialNmbr + "000";
testRevocationReq.Aki = revAKI + "000";
testRevocationReq.Reason = revReason + "update";
Assert.AreEqual(testRevocationReq.User, revEnrollmentID + "update");
Assert.AreEqual(testRevocationReq.Serial, revSerialNmbr + "000");
Assert.AreEqual(testRevocationReq.Aki, revAKI + "000");
Assert.AreEqual(testRevocationReq.Reason, revReason + "update");
}
catch (System.Exception e)
{
Assert.Fail($"Unexpected Exception {e.Message}");
}
}
