2026-04-27 21:29:03 +00:00
|
|
|
|
using System;
|
|
|
|
|
|
using System.Threading.Tasks;
|
|
|
|
|
|
using Microsoft.Extensions.Logging;
|
|
|
|
|
|
using OpenIddict.Abstractions;
|
|
|
|
|
|
using OpenIddict.Server;
|
|
|
|
|
|
using static OpenIddict.Server.OpenIddictServerEvents;
|
|
|
|
|
|
using Volo.Abp.DependencyInjection;
|
|
|
|
|
|
using Volo.Abp.Identity;
|
|
|
|
|
|
using Volo.Abp.MultiTenancy;
|
|
|
|
|
|
using Volo.Abp.Security.Claims;
|
2026-04-28 10:04:07 +00:00
|
|
|
|
using System.Linq;
|
2026-04-27 21:29:03 +00:00
|
|
|
|
|
|
|
|
|
|
namespace Sozsoft.Platform.Identity;
|
|
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// /connect/revocation çağrısı başarıyla tamamlandığında ilgili kullanıcının
|
|
|
|
|
|
/// AbpSessions tablosundaki tüm satırlarını siler.
|
|
|
|
|
|
/// OpenIddict server pipeline'ına eklenir; MVC controller override gerektirmez.
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
public class PlatformSessionRevocationHandler :
|
|
|
|
|
|
IOpenIddictServerHandler<HandleRevocationRequestContext>,
|
|
|
|
|
|
ITransientDependency
|
|
|
|
|
|
{
|
|
|
|
|
|
private readonly IIdentitySessionRepository sessionRepo;
|
|
|
|
|
|
private readonly ICurrentTenant currentTenant;
|
|
|
|
|
|
private readonly ILogger<PlatformSessionRevocationHandler> logger;
|
|
|
|
|
|
|
|
|
|
|
|
public PlatformSessionRevocationHandler(
|
|
|
|
|
|
IIdentitySessionRepository sessionRepo,
|
|
|
|
|
|
ICurrentTenant currentTenant,
|
|
|
|
|
|
ILogger<PlatformSessionRevocationHandler> logger)
|
|
|
|
|
|
{
|
|
|
|
|
|
this.sessionRepo = sessionRepo;
|
|
|
|
|
|
this.currentTenant = currentTenant;
|
|
|
|
|
|
this.logger = logger;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public async ValueTask HandleAsync(HandleRevocationRequestContext context)
|
|
|
|
|
|
{
|
|
|
|
|
|
// Hata durumunda (geçersiz token, yetkisiz istek vb.) temizlik yapma.
|
|
|
|
|
|
if (context.IsRejected) return;
|
|
|
|
|
|
|
2026-05-24 22:23:52 +00:00
|
|
|
|
var userId = context.GenericTokenPrincipal?.GetClaim(OpenIddictConstants.Claims.Subject);
|
2026-04-27 21:29:03 +00:00
|
|
|
|
if (string.IsNullOrEmpty(userId) || !Guid.TryParse(userId, out var userGuid)) return;
|
|
|
|
|
|
|
|
|
|
|
|
// Token'dan tenant ID'yi al.
|
2026-05-24 22:23:52 +00:00
|
|
|
|
var tenantId = ParseTenantId(context.GenericTokenPrincipal?.Claims.FirstOrDefault(c => c.Type == AbpClaimTypes.TenantId)?.Value);
|
2026-04-27 21:29:03 +00:00
|
|
|
|
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
|
|
|
|
|
// Sadece token'ın ait olduğu tenant'taki oturumları sil.
|
|
|
|
|
|
using (currentTenant.Change(tenantId))
|
|
|
|
|
|
{
|
|
|
|
|
|
var sessions = await sessionRepo.GetListAsync(userId: userGuid);
|
|
|
|
|
|
foreach (var session in sessions)
|
|
|
|
|
|
{
|
|
|
|
|
|
await sessionRepo.DeleteAsync(session);
|
|
|
|
|
|
|
|
|
|
|
|
logger.LogInformation(
|
2026-05-26 09:29:46 +00:00
|
|
|
|
"AbpSessions cleanup: TenantId:{TenantId}, UserId:{UserId}, SignedIn:{SignedIn}, Now:{Now}",
|
2026-04-28 10:04:07 +00:00
|
|
|
|
tenantId,
|
|
|
|
|
|
session.UserId,
|
|
|
|
|
|
session.SignedIn,
|
|
|
|
|
|
DateTime.UtcNow);
|
2026-04-27 21:29:03 +00:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
catch (Exception ex)
|
|
|
|
|
|
{
|
|
|
|
|
|
// Session temizleme hatası revocation akışını bloklamamalı.
|
|
|
|
|
|
logger.LogWarning(ex,
|
2026-04-28 10:04:07 +00:00
|
|
|
|
"Token revocation sonrası AbpSessions temizliğinde hata. UserId: {UserId}", userId);
|
2026-04-27 21:29:03 +00:00
|
|
|
|
}
|
|
|
|
|
|
}
|
2026-04-28 10:04:07 +00:00
|
|
|
|
|
|
|
|
|
|
private static Guid? ParseTenantId(string value) => !string.IsNullOrWhiteSpace(value) && Guid.TryParse(value, out var id) ? id : null;
|
2026-04-27 21:29:03 +00:00
|
|
|
|
}
|
