Resolved Topic: Access Token auto revoked
Asked 7/16/2018 2:51:04 PM +05:45
Access Token auto revoked
#2006
1Y
21

7/16/2018 2:51:04 PM +05:45

Hi everyone,

I am facing this issue of auto logout. The users get logged out after few minutes. I investigate in it and found that the access_token is revoked. Did anyone face the same issue. And what can be the possible reason to this issue.

Thanks

Answered 7/21/2018 5:17:02 PM +05:45
RE: Access Token auto revoked
#2011
1Y
21

7/21/2018 5:17:02 PM +05:45

So, finally i solved this issue. I am pasting it here if someone else face the same issue. Update following trigger in your tenants database:

ALTER TRIGGER [account].[token_auto_expiry_trigger] ON [account].[access_tokens] INSTEAD OF INSERT AS BEGIN SET NOCOUNT ON; SET XACT_ABORT ON;

DECLARE @ip_address national character varying(100);
DECLARE @user_agent national character varying(500);
DECLARE @login_id bigint
DECLARE @user_id int

SELECT
	@login_id = login_id,
	@ip_address = ip_address,
	@user_agent = user_agent
FROM inserted;

SELECT @user_id = user_id from account.logins where login_id = @login_id 

UPDATE account.access_tokens
SET
	revoked = 1,
	revoked_on = getutcdate()
WHERE ip_address = @ip_address
AND user_agent = @user_agent
	AND revoked = 0
AND login_id in (SELECT login_id FROM account.logins WHERE user_id = @user_id)
		


	INSERT INTO account.access_tokens(access_token_id, issued_by, audience, ip_address, user_agent, header, subject, token_id, application_id, login_id, client_token, claims, created_on, expires_on, revoked, revoked_by, revoked_on)
	SELECT access_token_id, issued_by, audience, ip_address, user_agent, header, subject, token_id, application_id, login_id, client_token, claims, created_on, expires_on, revoked, revoked_by, revoked_on
	FROM inserted;	

END;

Enjoy

Marked as Answer
All Posts
RE: Access Token auto revoked
#2011
1Y
21

7/21/2018 5:17:02 PM +05:45

So, finally i solved this issue. I am pasting it here if someone else face the same issue. Update following trigger in your tenants database:

ALTER TRIGGER [account].[token_auto_expiry_trigger] ON [account].[access_tokens] INSTEAD OF INSERT AS BEGIN SET NOCOUNT ON; SET XACT_ABORT ON;

DECLARE @ip_address national character varying(100);
DECLARE @user_agent national character varying(500);
DECLARE @login_id bigint
DECLARE @user_id int

SELECT
	@login_id = login_id,
	@ip_address = ip_address,
	@user_agent = user_agent
FROM inserted;

SELECT @user_id = user_id from account.logins where login_id = @login_id 

UPDATE account.access_tokens
SET
	revoked = 1,
	revoked_on = getutcdate()
WHERE ip_address = @ip_address
AND user_agent = @user_agent
	AND revoked = 0
AND login_id in (SELECT login_id FROM account.logins WHERE user_id = @user_id)
		


	INSERT INTO account.access_tokens(access_token_id, issued_by, audience, ip_address, user_agent, header, subject, token_id, application_id, login_id, client_token, claims, created_on, expires_on, revoked, revoked_by, revoked_on)
	SELECT access_token_id, issued_by, audience, ip_address, user_agent, header, subject, token_id, application_id, login_id, client_token, claims, created_on, expires_on, revoked, revoked_by, revoked_on
	FROM inserted;	

END;

Enjoy