/// <inheritdoc />
/// <remarks>
/// Loads the server-side session stored under <paramref name="key"/> and turns it back
/// into an <see cref="AuthenticationTicket"/>. The lookup fails closed: when no session
/// exists, or the stored ticket cannot be deserialized, the result is <c>null</c>. In the
/// second case the stored record is also removed so the unusable payload is not retried.
/// </remarks>
public async Task<AuthenticationTicket> RetrieveAsync(string key)
{
    ArgumentNullException.ThrowIfNull(key);

    // NOTE(review): the session key is written to the log here and below (Debug and
    // Warning level); confirm that log access is restricted to match its sensitivity.
    _logger.LogDebug("Retrieve AuthenticationTicket for key {key}", key);

    var storedSession = await _store.GetSessionAsync(key);
    if (storedSession == null)
    {
        _logger.LogDebug("No ticket found in store for {key}", key);
        return null;
    }

    var authTicket = storedSession.Deserialize(_protector, _logger);
    if (authTicket == null)
    {
        // The record exists but did not yield a ticket: delete it and report
        // "no ticket" rather than surfacing a partially trusted value.
        _logger.LogWarning("Failed to deserialize authentication ticket from store, deleting record for key {key}", key);
        await RemoveAsync(key);
        return null;
    }

    _logger.LogDebug("Ticket loaded for key: {key}, with expiration: {expiration}", key, authTicket.GetExpiration());
    return authTicket;
}
/// <summary>
/// Verifies that a stored session whose ticket payload has been overwritten with an
/// unreadable value no longer authenticates the user, and that the store holds no
/// session for that subject afterwards.
/// </summary>
public async Task corrupted_server_side_session_should_logout_user()
{
    // Arrange: sign in so that exactly one server-side session exists for "bob".
    await _pipeline.LoginAsync("bob");

    var sessionsBefore = await _sessionStore.GetSessionsAsync(new SessionFilter { SubjectId = "bob" });
    var sessionKey = sessionsBefore.Single().Key;

    // Replace the stored ticket with a value that cannot be deserialized.
    var storedSession = await _sessionStore.GetSessionAsync(sessionKey);
    storedSession.Ticket = "invalid";
    await _sessionStore.UpdateSessionAsync(storedSession);

    // Act + Assert: the user is treated as logged out ...
    var stillLoggedIn = await IsLoggedIn();
    stillLoggedIn.Should().BeFalse();

    // ... and no session record for the subject is left in the store.
    var sessionsAfter = await _sessionStore.GetSessionsAsync(new SessionFilter { SubjectId = "bob" });
    sessionsAfter.Should().BeEmpty();
}