/// <summary>
/// Fetches the stored authenticator-key token for a user from the user-token repository.
/// </summary>
/// <param name="user">User whose <c>Id</c> identifies the token owner.</param>
/// <param name="cancellationToken">
/// Checked once on entry; it is not forwarded to the repository call.
/// </param>
/// <returns>
/// The token's <c>Value</c>, or <c>null</c> when the repository returns no token.
/// </returns>
/// <remarks>
/// NOTE(review): the value is presumably the two-factor shared secret (it is looked up under
/// <c>ApplicationConstants.TwoFA.AuthenticatorKeyTokenName</c>); callers should keep it out of
/// logs and responses - confirm against the callers.
/// </remarks>
public async Task<string> GetAuthenticatorKeyAsync(ApplicationUser user, CancellationToken cancellationToken)
{
    cancellationToken.ThrowIfCancellationRequested();

    // The lookup key is (user id, login provider, token name).
    var lookup = new GetUserTokenDto();
    lookup.UserId = user.Id;
    lookup.LoginProvider = ApplicationConstants.LoginProviderName;
    lookup.Name = ApplicationConstants.TwoFA.AuthenticatorKeyTokenName;

    var storedToken = await _userTokenRepository.Get(lookup);
    if (storedToken == null)
    {
        // No authenticator key has been stored for this user.
        return null;
    }

    return storedToken.Value;
}
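/// <summary>
/// Exchanges a refresh token for a new access-token response and retires the presented token.
/// </summary>
/// <param name="baseController">Controller used to build the action results.</param>
/// <param name="model">Request carrying the refresh token to redeem.</param>
/// <returns>
/// The result of <c>GetResultBadRequest</c> with an <c>invalid_request</c> or
/// <c>invalid_grant</c> error when a check fails; otherwise <c>Ok</c> wrapping the result of
/// <c>GenerateAccessTokenResponse</c>.
/// </returns>
public IActionResult RefreshToken(BaseController baseController, RefreshTokenRequest model)
{
    // A missing request body is answered like a missing refresh_token instead of
    // surfacing as a NullReferenceException.
    if (model == null || model.RefreshToken == null)
    {
        return baseController.GetResultBadRequest(new ErrorResponse("invalid_request", "The request is missing a required parameter, includes an unsupported parameter value (other than grant type)."));
    }

    UserToken existsRefreshToken = _userTokenRepository.Get(refreshToken: model.RefreshToken);
    if (existsRefreshToken == null)
    {
        return baseController.GetResultBadRequest(new ErrorResponse("invalid_grant", "Invalid refresh_token or expired."));
    }

    User user = _userRepository.Get(existsRefreshToken.UserId);
    if (user == null)
    {
        // A token whose owner can no longer be loaded is refused as an invalid grant;
        // dereferencing the missing user here would otherwise throw.
        return baseController.GetResultBadRequest(new ErrorResponse("invalid_grant", "Invalid refresh_token."));
    }

    string username = user.Username;
    string userRole = user.Role;

    // Integrity check: the stored checksum must equal the hash of token + username
    // (GetSHA256HashString is defined elsewhere), so a record whose token or owner
    // was altered after issuance is refused.
    if (existsRefreshToken.CheckSum != (existsRefreshToken.RefreshToken + username).GetSHA256HashString())
    {
        return baseController.GetResultBadRequest(new ErrorResponse("invalid_grant", "Invalid refresh_token."));
    }

    // NOTE(review): expiry is compared with local time; confirm Expires is written
    // with DateTime.Now as well, otherwise compare against DateTime.UtcNow.
    if (existsRefreshToken.Expires.CompareTo(DateTime.Now) < 0)
    {
        return baseController.GetResultBadRequest(new ErrorResponse("invalid_grant", "The refresh_token has expired."));
    }

    // Remove old refresh token so it cannot be redeemed a second time.
    // NOTE(review): lookup and removal are separate repository calls; unless the store
    // makes them atomic, two concurrent requests carrying the same token could both
    // pass the checks above - confirm against the repository implementation.
    _userTokenRepository.Remove(model.RefreshToken);

    return baseController.Ok(GenerateAccessTokenResponse(_userTokenRepository, _appSettings.OAuth, existsRefreshToken.UserId, userRole, username));
}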