Beispiel #1
        /// <summary>
        /// Issues a new refresh/access token pair when the presented refresh token
        /// equals the one that <c>UserRefreshTokenQuery</c> returns for the user id
        /// carried in the access token's payload.
        /// </summary>
        /// <param name="refreshToken">Refresh token presented by the caller.</param>
        /// <param name="accessToken">Access token whose payload supplies the user id.</param>
        /// <returns>The result of <c>GenerateRefreshAndAccessToken</c> for that user id.</returns>
        /// <exception cref="NotImplementedException">
        /// The presented refresh token differs from the looked-up one (the rejection path is still a TODO).
        /// </exception>
        public async Task<AccessTokenModel> RefreshToken(string refreshToken, string accessToken)
        {
            // NOTE(review): the user id comes straight from the token payload and nothing in
            // this method verifies the access token's signature. Confirm that GetPayload
            // validates the token, or that every caller does so first.
            var authPayload = _accessTokenService.GetPayload<AuthPayload>(accessToken);
            var userId = authPayload.UserId;

            var storedToken = await QueryBus.Execute<UserRefreshTokenQuery, UserRefreshTokenResponse>(
                new UserRefreshTokenQuery { UserId = userId });

            // NOTE(review): this is an ordinary (in)equality check on a secret value, not a
            // fixed-time comparison; presumably RefreshToken is a string - confirm.
            var tokenMismatch = refreshToken != storedToken.RefreshToken;
            if (tokenMismatch)
            {
                // TODO: the rejection path is unfinished. NotImplementedException is not an
                // authorization failure, so callers cannot tell a bad refresh token from a
                // server fault; replace it with the project's auth exception when implemented.
                throw new NotImplementedException();
            }

            var issuedTokens = await GenerateRefreshAndAccessToken(userId);
            return issuedTokens;
        }
Beispiel #2
        /// <summary>
        /// Runs the access-token check before handing the request to the base controller:
        /// reads the <c>AccessToken</c> header, looks up the refresh token for the user id
        /// in the token payload, and passes both to <c>_accessTokenService.Verify</c>.
        /// </summary>
        /// <param name="controllerContext">Context of the current request; its headers supply the token.</param>
        /// <param name="cancellationToken">Forwarded to the base implementation only.</param>
        /// <returns>The response produced by <c>base.ExecuteAsync</c>.</returns>
        /// <exception cref="AuthorizationRequiredException">The request has no <c>AccessToken</c> header.</exception>
        public override async Task<HttpResponseMessage> ExecuteAsync(HttpControllerContext controllerContext,
                                                                     CancellationToken cancellationToken)
        {
            var requestHeaders = controllerContext.Request.Headers;
            var hasTokenHeader = requestHeaders.TryGetValues("AccessToken", out var headerValues);
            if (!hasTokenHeader)
            {
                throw new AuthorizationRequiredException();
            }

            // Only the first header value is considered; any further values are ignored.
            var presentedToken = headerValues.First();

            // The payload is read before Verify runs, so at this point UserId is an unverified
            // claim. It is used here only to select which stored refresh token to verify against.
            var claims = _accessTokenService.GetPayload<AuthPayload>(presentedToken);

            var lookup = await QueryBus.Execute<UserRefreshTokenQuery, UserRefreshTokenResponse>(
                new UserRefreshTokenQuery { UserId = claims.UserId });

            // NOTE(review): any return value of Verify is discarded, so this line rejects a bad
            // token only if Verify throws on failure - confirm against the service.
            _accessTokenService.Verify(presentedToken, lookup.RefreshToken);

            var response = await base.ExecuteAsync(controllerContext, cancellationToken);
            return response;
        }
        /// <summary>
        /// Runs the access-token check before handing the request to the base controller:
        /// reads the <c>Authorization</c> header, fetches the refresh token for the id in the
        /// token payload, calls <c>_accessTokenService.Verify</c>, then records the id in
        /// <c>UserId</c>.
        /// </summary>
        /// <param name="controllerContext">Context of the current request; its headers supply the token.</param>
        /// <param name="cancellationToken">Forwarded to the base implementation only.</param>
        /// <returns>The response produced by <c>base.ExecuteAsync</c>.</returns>
        /// <exception cref="MissedAccessTokenException">The request has no <c>Authorization</c> header.</exception>
        public override async Task<HttpResponseMessage> ExecuteAsync(HttpControllerContext controllerContext,
                                                                     CancellationToken cancellationToken)
        {
            var requestHeaders = controllerContext.Request.Headers;
            var hasAuthHeader = requestHeaders.TryGetValues("Authorization", out var tokens);
            if (!hasAuthHeader)
            {
                throw new MissedAccessTokenException();
            }

            // The first header value is used verbatim as the token; no scheme prefix is
            // stripped in this method. NOTE(review): confirm GetPayload/Verify expect that form.
            var accessToken = tokens.First();

            // Until Verify has run, the payload is an unverified claim; its Id is used here
            // only to select the stored refresh token to verify against.
            var claims = _accessTokenService.GetPayload<UserAccessTokenPayload>(accessToken);

            var lookupRequest = new GetUserRefreshTokenByIdRequest { Id = claims.Id };
            var stored = await _userManagementService.GetRefreshTokenById(lookupRequest);

            // NOTE(review): any return value of Verify is discarded, so this line rejects a bad
            // token only if Verify throws on failure - confirm against the service.
            _accessTokenService.Verify(accessToken, stored.RefreshToken);

            // Assigned only after the Verify call, so later code reads the id post-check.
            UserId = claims.Id;

            var response = await base.ExecuteAsync(controllerContext, cancellationToken);
            return response;
        }