If refresh tokens issued to a user in OAuth2.0 are invalidated by the admin then I want the user to be logged out from application. Can anyone provide solution for this in Spring or Java?
Asked
Active
Viewed 153 times
1 Answers
0
You can use spring session Management with SessionRegistry
Then you can expire the session from anywhere using something like this
sessionRegistry.getSessionInformation(sessionId).expireNow();
MD9
- 90
- 1
- 7
-
how can we get to know if the refresh token is invalidated by azure admin in AAD ? Is there any api call exposed for that validation ? – mukesh36 Sep 19 '22 at 18:58
-
You can check this answer here https://stackoverflow.com/a/50893150/2015923 on how to validate the token – MD9 Sep 19 '22 at 22:20