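/// <summary>
/// Stores a new refresh-token record for <paramref name="user"/> and returns it
/// wrapped in a signed JWT.
/// </summary>
/// <param name="user">Account the token is issued to; its Id is written to the stored record.</param>
/// <returns>The serialized JWT carrying the user's claims plus the refresh-token value.</returns>
public async Task<string> CreateRefreshTokenAsync(AthenaUser user)
{
    // NOTE(review): Guid.NewGuid() is not documented as a cryptographic random source.
    // The value is only handed out inside a signed JWT here, but if it is ever accepted
    // on its own, generate it with RandomNumberGenerator instead. The raw value is also
    // what gets persisted; storing a hash would limit the impact of a database read leak.
    var refreshToken = new RefreshToken
    {
        Expiration = DateTimeOffset.UtcNow.Add(options.RefreshExpiration),
        Token = Guid.NewGuid().ToString(),
        UserId = user.Id
    };

    data.RefreshTokens.Add(refreshToken);
    await data.SaveChangesAsync();

    var securityTokenHandler = new JwtSecurityTokenHandler();

    // NOTE(review): unlike CreateJwtTokenAsync, no Issuer is set. This JWT carries the
    // same identity claims, audience and signing credentials as an access token but
    // lives for RefreshExpiration - confirm the validating side rejects it wherever an
    // access token is expected.
    var descriptor = new SecurityTokenDescriptor
    {
        Audience = options.Audience,
        // UtcDateTime keeps Kind = Utc. DateTimeOffset.DateTime returns Kind = Unspecified,
        // which is treated as local time when converted to UTC, so on a host whose time
        // zone is not UTC the exp claim could be shifted by the local offset.
        Expires = refreshToken.Expiration.UtcDateTime,
        IssuedAt = DateTime.UtcNow,
        NotBefore = DateTime.UtcNow,
        SigningCredentials = options.SigningCredentials,
        Subject = await CreateRefreshClaimsIdentityAsync(user, refreshToken.Token)
    };

    var securityToken = securityTokenHandler.CreateJwtSecurityToken(descriptor);
    return securityTokenHandler.WriteToken(securityToken);
}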
/// <summary>
/// Builds the user's claims identity and appends one claim holding the refresh-token value.
/// </summary>
/// <param name="user">Account whose claims are collected via CreateClaimsIdentityAsync.</param>
/// <param name="token">Refresh-token value stored under ClaimConstants.RefreshClaimType.</param>
/// <returns>The identity with the extra refresh claim attached.</returns>
protected async Task<ClaimsIdentity> CreateRefreshClaimsIdentityAsync(AthenaUser user, string token)
{
    var refreshIdentity = await CreateClaimsIdentityAsync(user);

    // The refresh claim is what sets this identity apart from the one used for access tokens.
    var refreshClaim = new Claim(ClaimConstants.RefreshClaimType, token);
    refreshIdentity.AddClaim(refreshClaim);

    return refreshIdentity;
}
/// <summary>
/// Issues a token pair for <paramref name="user"/>: a fresh refresh token and a JWT access token.
/// </summary>
/// <param name="user">Account the tokens are issued to.</param>
/// <returns>An AccessToken holding the expiry, the refresh JWT and the access JWT.</returns>
public async Task<AccessToken> CreateAccessTokenAsync(AthenaUser user)
{
    // Computed here, separately from the exp claim that CreateJwtTokenAsync writes into
    // the JWT, so the two timestamps can differ slightly.
    var expiresAt = DateTime.UtcNow.Add(options.Expiration);

    // Every call persists a new refresh-token record through CreateRefreshTokenAsync.
    var refreshJwt = await CreateRefreshTokenAsync(user);
    var accessJwt = await CreateJwtTokenAsync(user);

    return new AccessToken
    {
        Expires = expiresAt,
        RefreshToken = refreshJwt,
        Token = accessJwt
    };
}
/// <summary>
/// Creates the signed JWT access token for <paramref name="user"/>.
/// </summary>
/// <param name="user">Account whose claims become the token subject.</param>
/// <returns>The serialized JWT, expiring options.Expiration after issuance.</returns>
public async Task<string> CreateJwtTokenAsync(AthenaUser user)
{
    var handler = new JwtSecurityTokenHandler();

    // Assigned in the same order as the original initializer so both timestamps are
    // still taken before the claims lookup is awaited.
    var tokenDescriptor = new SecurityTokenDescriptor();
    tokenDescriptor.Audience = options.Audience;
    tokenDescriptor.Expires = DateTime.UtcNow.Add(options.Expiration);
    tokenDescriptor.IssuedAt = DateTime.UtcNow;
    tokenDescriptor.Issuer = options.Issuer;
    tokenDescriptor.SigningCredentials = options.SigningCredentials;
    tokenDescriptor.Subject = await CreateClaimsIdentityAsync(user);

    return handler.WriteToken(handler.CreateJwtSecurityToken(tokenDescriptor));
}
/// <summary>
/// Collects the claims placed into tokens for <paramref name="user"/>: the user id,
/// the user name and one role claim per role returned by the user manager.
/// </summary>
/// <param name="user">Account to describe.</param>
/// <returns>A ClaimsIdentity containing those claims.</returns>
protected async Task<ClaimsIdentity> CreateClaimsIdentityAsync(AthenaUser user)
{
    // Roles are read once, at issuance. NOTE(review): a later role change is presumably
    // not reflected in tokens already handed out until they expire - confirm that the
    // configured lifetimes are acceptable for that.
    var roleNames = await userManager.GetRolesAsync(user);

    var claims = new List<Claim>
    {
        new Claim(ClaimTypes.NameIdentifier, user.Id),
        new Claim(ClaimTypes.Name, user.UserName)
    };

    foreach (var roleName in roleNames)
    {
        claims.Add(new Claim(ClaimTypes.Role, roleName));
    }

    return new ClaimsIdentity(claims);
}
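/// <summary>
/// First-run setup: creates the initial administrator account from <paramref name="model"/>.
/// </summary>
/// <param name="model">Supplies the admin e-mail, user name and password.</param>
/// <returns>
/// Forbid when any user already exists; Conflict with the identity errors when a step
/// fails; otherwise an EmptyResult.
/// </returns>
public async Task<IActionResult> SetupAsync(SetupModel model)
{
    // Rule: If there are any users, disallow setup.
    // NOTE(review): this check and the create below are not atomic, so two concurrent
    // requests can both pass it. Whether this action is reachable without authentication
    // is not visible here - if it is, serialize the check or enforce the rule in the store.
    if (data.Users.Any())
    {
        return Forbid();
    }

    var user = new AthenaUser
    {
        Email = model.AdminEmail,
        EmailConfirmed = true,
        UserName = model.AdminUsername
    };

    var result = await userManager.CreateAsync(user, model.AdminPassword);
    if (!result.Succeeded)
    {
        return Conflict(result.Errors);
    }

    result = await userManager.AddToRoleAsync(user, "Administrators");
    if (!result.Succeeded)
    {
        // Best-effort rollback. Leaving the account behind would make every later setup
        // call hit the "users exist" rule while no administrator has been created.
        await userManager.DeleteAsync(user);
        return Conflict(result.Errors);
    }

    // NOTE(review): lockout is switched off for this account, so failed sign-ins are not
    // throttled by lockout. Presumably this keeps the only admin from being locked out -
    // confirm that another control limits password guessing against it.
    result = await userManager.SetLockoutEnabledAsync(user, false);
    if (!result.Succeeded)
    {
        // Same rollback as above, so a Conflict response always means setup did not complete.
        await userManager.DeleteAsync(user);
        return Conflict(result.Errors);
    }

    return new EmptyResult();
}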