示例#1
    /// <inheritdoc />
    /// <remarks>
    /// Looks up the server-side session for <paramref name="key"/> and rebuilds the
    /// authentication ticket from it. Returns <see langword="null"/> when no session is
    /// stored for the key, or when the stored ticket cannot be deserialized; in the
    /// latter case the stored record is also removed, so an unreadable or tampered
    /// ticket fails closed instead of leaving a stale session behind.
    /// </remarks>
    /// <exception cref="ArgumentNullException"><paramref name="key"/> is null.</exception>
    public async Task<AuthenticationTicket> RetrieveAsync(string key)
    {
        ArgumentNullException.ThrowIfNull(key);

        // NOTE(review): the session key is written to the log here and below. If the key
        // alone is enough to address a live session, confirm that log access is restricted.
        _logger.LogDebug("Retrieve AuthenticationTicket for key {key}", key);

        var storedSession = await _store.GetSessionAsync(key);
        if (storedSession == null)
        {
            _logger.LogDebug("No ticket found in store for {key}", key);
            return null;
        }

        var restoredTicket = storedSession.Deserialize(_protector, _logger);
        if (restoredTicket == null)
        {
            // A record whose ticket cannot be read back is useless for authentication:
            // delete it and report "no ticket" so the caller treats the user as signed out.
            _logger.LogWarning("Failed to deserialize authentication ticket from store, deleting record for key {key}", key);
            await RemoveAsync(key);
            return null;
        }

        _logger.LogDebug("Ticket loaded for key: {key}, with expiration: {expiration}", key, restoredTicket.GetExpiration());
        return restoredTicket;
    }
示例#2
    public async Task corrupted_server_side_session_should_logout_user()
    {
        // Regression check for fail-closed behaviour: once the stored ticket is overwritten
        // with data that cannot be deserialized, the user must no longer count as logged in
        // and the corrupted session record must be gone from the store.

        // A fresh filter per query, so neither lookup shares state with the other.
        SessionFilter FilterForBob() => new SessionFilter { SubjectId = "bob" };

        // Arrange: sign in and locate the single session that login created.
        await _pipeline.LoginAsync("bob");

        var sessionsAfterLogin = await _sessionStore.GetSessionsAsync(FilterForBob());
        var sessionKey = sessionsAfterLogin.Single().Key;
        var storedSession = await _sessionStore.GetSessionAsync(sessionKey);

        // Act: replace the serialized ticket with a value that is not a valid ticket.
        storedSession.Ticket = "invalid";
        await _sessionStore.UpdateSessionAsync(storedSession);

        // Assert: the next request is unauthenticated...
        var stillLoggedIn = await IsLoggedIn();
        stillLoggedIn.Should().BeFalse();

        // ...and the unreadable record has been removed from the store.
        var sessionsAfterCorruption = await _sessionStore.GetSessionsAsync(FilterForBob());
        sessionsAfterCorruption.Should().BeEmpty();
    }