add virtual Token Invalidation method

AvantiPoint · Jun 13, 2022 · 72ba472 · 72ba472
1 parent 1052f40
commit 72ba472
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 4 deletions.
diff --git a/src/AvantiPoint.MobileAuth/Authentication/ITokenService.cs b/src/AvantiPoint.MobileAuth/Authentication/ITokenService.cs
@@ -6,5 +6,6 @@ public interface ITokenService
 {
     ValueTask<string> BuildToken(IDictionary<string, string> claims);
     ValueTask<bool> IsTokenValid(string token);
+    ValueTask InvalidateToken(string token);
     SymmetricSecurityKey GetKey();
 }
diff --git a/src/AvantiPoint.MobileAuth/Authentication/TokenService.cs b/src/AvantiPoint.MobileAuth/Authentication/TokenService.cs
@@ -73,6 +73,8 @@ public virtual ValueTask<bool> IsTokenValid(string token)
         }
     }
 
+    public virtual ValueTask InvalidateToken(string token) => ValueTask.CompletedTask;
+
     public SymmetricSecurityKey GetKey()
     {
         var key = _options.JwtKey;

diff --git a/src/AvantiPoint.MobileAuth/MobileAuth.cs b/src/AvantiPoint.MobileAuth/MobileAuth.cs
@@ -1,5 +1,6 @@
 using System.Net;
 using System.Security.Claims;
+using System.Text.RegularExpressions;
 using AvantiPoint.MobileAuth.Authentication;
 using AvantiPoint.MobileAuth.Configuration;
 using Microsoft.AspNetCore.Authentication;
@@ -125,13 +126,22 @@ private static Task GetProfile(HttpContext context, CancellationToken cancellati
     private static string GetKey(Claim claim) =>
         claim.Properties.Any() ? claim.Properties.First().Value : claim.Type;
 
-    private static Task Signout(HttpContext context, CancellationToken cancellationToken)
+    private static async Task Signout(HttpContext context, CancellationToken cancellationToken)
     {
         var provider = context.User.FindFirstValue("provider");
-        if (string.IsNullOrEmpty(provider))
-            return context.SignOutAsync();
+        var tokenService = context.RequestServices.GetRequiredService<ITokenService>();
+        string authHeader = context.Request.Headers.Authorization;
+        if(!string.IsNullOrEmpty(authHeader))
+        {
+            var token = Regex.Replace(authHeader, "Bearer", string.Empty).Trim();
+            if (!string.IsNullOrEmpty(token))
+                await tokenService.InvalidateToken(token);
+        }
 
-        return context.SignOutAsync(provider);
+        if (string.IsNullOrEmpty(provider))
+            await context.SignOutAsync();
+        else
+            await context.SignOutAsync(provider);
     }
 
     private static async Task Signin(string scheme, HttpContext context)