diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java
index f70c6f8bfa..29986ed26a 100755
--- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java
+++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java
@@ -715,7 +715,7 @@ private static AuthenticatedUser buildAuthenticatedUser(UserStoreManager userSto
 AuthenticatedUser authenticatedUser = new AuthenticatedUser();
 authenticatedUser.setUserStoreDomain(userStoreDomain);
 authenticatedUser.setTenantDomain(tenantDomain);
- authenticatedUser.setUserName(username);
+ authenticatedUser.setUserName(UserCoreUtil.removeDomainFromName(username));
 boolean isOrganization;
 try {
 isOrganization = OrganizationManagementUtil.isOrganization(tenantDomain);
diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/listener/IdentityOauthEventHandler.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/listener/IdentityOauthEventHandler.java
index f563449abd..a9f31ca9f2 100644
--- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/listener/IdentityOauthEventHandler.java
+++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/listener/IdentityOauthEventHandler.java
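Review bot: In OAuthUtil.buildAuthenticatedUser, the new `UserCoreUtil.removeDomainFromName(username)` call discards whatever domain prefix `username` carried without comparing it to the `userStoreDomain` set two lines earlier. If the two can ever differ, the resulting AuthenticatedUser names a user in a different store than the caller's username indicated, and anything keyed on that object downstream would act on the wrong identity or miss the intended one. Consider comparing the domain embedded in `username` with `userStoreDomain` before stripping it, and logging or rejecting a mismatch; a one-line comment that `username` may arrive domain-qualified would also explain why the strip is needed. The function starts and ends outside the hunk, so the origin of `userStoreDomain` and `username` is not visible here.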
@@ -490,23 +490,24 @@ private void terminateSession(List userIDList, String roleId, String ten throws IdentityEventException { try { - int tenantId = IdentityTenantUtil.getTenantId(tenantDomain); - UserStoreManager userStoreManager = getUserStoreManager(tenantId); - - String userName; if (CollectionUtils.isNotEmpty(userIDList)) { + int tenantId = IdentityTenantUtil.getTenantId(tenantDomain); + UserStoreManager userStoreManager = getUserStoreManager(tenantId); + for (String userId : userIDList) { try { - userName = FrameworkUtils.resolveUserNameFromUserId(userStoreManager, userId); + String userName = FrameworkUtils.resolveUserNameFromUserId(userStoreManager, userId); if (userName == null) { log.warn("User name is null for user id: " + userId + ". Hence skipping " + "token revocation and session termination processes."); continue; } + UserStoreManager userStoreManagerOfUser = getUserStoreManagerOfUser( + userStoreManager, userName); OAuth2ServiceComponentHolder.getInstance() .getRevocationProcessor() - .revokeTokens(userName, userStoreManager, roleId); - OAuthUtil.removeUserClaimsFromCache(userName, userStoreManager); + .revokeTokens(userName, userStoreManagerOfUser, roleId); + OAuthUtil.removeUserClaimsFromCache(userName, userStoreManagerOfUser); } catch (UserSessionException e) { String errorMsg = "Error occurred while revoking access token for user Id: " + userId; log.error(errorMsg, e); 
@@ -520,4 +521,22 @@ private void terminateSession(List userIDList, String roleId, String ten
 throw new IdentityEventException(errorMsg, e);
 }
 }
+
+ /**
+ * Get the user store manager of the user.
+ *
+ * @param userStoreManager User store manager.
+ * @param userName Username of the user.
+ * @return User store manager of the user.
+ */
+ private UserStoreManager getUserStoreManagerOfUser(UserStoreManager userStoreManager, String userName) {
+
+ String userStoreDomainOfUser = IdentityUtil.extractDomainFromName(userName);
+ UserStoreManager secondaryUserStoreManager = userStoreManager.getSecondaryUserStoreManager(
+ userStoreDomainOfUser);
+ if (secondaryUserStoreManager == null) {
+ return userStoreManager;
+ }
+ return secondaryUserStoreManager;
+ }
 }
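Review bot: getUserStoreManagerOfUser silently returns the manager it was given whenever `getSecondaryUserStoreManager(userStoreDomainOfUser)` yields null. terminateSession then passes that manager to `revokeTokens` and `removeUserClaimsFromCache`, so if the username names a domain that cannot be resolved, revocation would presumably run against a different store than the user's own and leave no trace that it may not have reached the user's tokens. Log the fallback so operators can see it, for example `log.warn("No user store manager found for domain: " + userStoreDomainOfUser + ". Using the supplied user store manager.");` placed inside the null branch. The Javadoc `@return` should also say that the supplied manager is returned when no manager exists for the domain extracted from the username.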