public async Task <IHttpActionResult> Delete(string tokenId) { var hashedTokenId = tokenId.GetHash(); var result = await _refreshTokenManager.RemoveRefreshToken(hashedTokenId); if (result) { return(Ok()); } return(BadRequest($"Token : '{tokenId}' does not exist.")); }
public async Task ReceiveAsync(AuthenticationTokenReceiveContext context) { var allowedOrigin = context.OwinContext.Get <string>(OwinEnvironment.ClientAllowedOriginPropertyName); if (!context.OwinContext.Response.Headers.ContainsKey("Access-Control-Allow-Origin")) { context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin }); } var hashedTokenId = context.Token.GetHash(); var refreshToken = await _refreshTokenManager.FindRefreshToken(hashedTokenId); if (refreshToken != null) { context.OwinContext.Set(OwinEnvironment.UserPropertyName, refreshToken.User.Id.ToString()); context.DeserializeTicket(refreshToken.ProtectedTicket); await _refreshTokenManager.RemoveRefreshToken(hashedTokenId); } }