owin令牌基础认证注销无法在asp.net web api 2中工作

时间:2016-02-24 11:26:20

标签: c# asp.net asp.net-web-api owin bearer-token

我正在尝试制作Logout网址。如果用户按通过标头令牌点击Logout url,则此令牌必须到期。

我做了同样的代码,但它没有用。我没有在任何博客中找到解决方案。 我的代码如下,

第一种方式(不工作)

[Route("Logout")]
[HttpPost]
public HttpResponseMessage Logout()
{
    authentication.SignOut(Microsoft.AspNet.Identity.DefaultAuthenticationTypes.ApplicationCookie,
                          Microsoft.AspNet.Identity.DefaultAuthenticationTypes.ExternalCookie,
                          Microsoft.AspNet.Identity.DefaultAuthenticationTypes.TwoFactorRememberBrowserCookie,
                          Microsoft.AspNet.Identity.DefaultAuthenticationTypes.TwoFactorCookie);

    authentication.SignOut(Microsoft.AspNet.Identity.DefaultAuthenticationTypes.ExternalCookie);
    authentication.SignOut(Microsoft.AspNet.Identity.DefaultAuthenticationTypes.ApplicationCookie);
    authentication.SignOut();

}

第二种方式(不工作)

[Route("LogOut")]
[HttpPost]
public HttpResponseMessage LogOut()
{
    var identity = new ClaimsIdentity(HttpContext.Current.User.Identity);

AuthenticationTicket ticket = new AuthenticationTicket(identity, new AuthenticationProperties()
{
    ExpiresUtc = DateTime.Now.AddYears(-5)
});
ticket.Properties.ExpiresUtc = DateTime.Now.AddYears(-5);

var principal = ClaimsPrincipal.Current;
var ClientId = principal.Claims.FirstOrDefault(c => c.Type == Constants.USERID).Value;
var USERNAME = principal.Claims.FirstOrDefault(c => c.Type == Constants.USERNAME).Value;
var PASSWORD = principal.Claims.FirstOrDefault(c => c.Type == Constants.USER_PASSWORD).Value;

var oAuthAuthorizationServerOptions = new OAuthAuthorizationServerOptions();
oAuthAuthorizationServerOptions.AccessTokenExpireTimeSpan = TimeSpan.FromTicks(DateTime.UtcNow.AddYears(-5).Ticks);

var context = new OAuthGrantResourceOwnerCredentialsContext(HttpContext.Current.GetOwinContext(), null, ClientId, USERNAME, PASSWORD, null);
context.Validated(ticket);

}

但令牌不会以任何方式到期。

非常感谢帮助。

感谢。

0 个答案:

没有答案