Beispiel #1
        /// <summary>
        /// Reacts to a 401 by trying to swap the stored refresh token for a new token pair
        /// and persisting the outcome on the current user.
        /// </summary>
        /// <remarks>
        /// Does nothing when no user is set. When the user has no refresh token, only the
        /// in-memory access token is cleared (no UpdateAsync call on that path).
        /// NOTE(review): when the token request yields no response, both tokens are overwritten
        /// with null and saved, so a transient failure also discards the stored refresh token.
        /// Confirm this is the intended "force re-authorization" behaviour.
        /// </remarks>
        private async Task Handle401Async()
        {
            if (_user is null)
            {
                return;
            }

            var storedRefreshToken = _user.RefreshToken;
            if (string.IsNullOrEmpty(storedRefreshToken))
            {
                // Nothing to refresh with: drop the rejected access token and stop.
                _user.AccessToken = string.Empty;
                return;
            }

            // The client secret travels with this request; it must only ever be sent server-side.
            var refreshRequest = new Oauth2Request
            {
                ClientId     = _clientId,
                ClientSecret = _clientSecret,
                RefreshToken = storedRefreshToken,
                GrantType    = "refresh_token"
            };

            var tokenReply = await Post<Oauth2Request, Oauth2Response>(refreshRequest, "oauth2", "token");
            var issuedTokens = tokenReply?.Response;

            // Both values are replaced together; each becomes null if the reply carried no tokens.
            _user.AccessToken  = issuedTokens?.AccessToken;
            _user.RefreshToken = issuedTokens?.RefreshToken;

            await _userManager.UpdateAsync(_user);
        }
Beispiel #2
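        /// <summary>
        /// Gets a new access token using the refresh token stored for the currently logged-in user.
        /// </summary>
        /// <returns>
        /// <c>Unauthorized</c> when no user can be resolved for the request; otherwise a JSON object
        /// whose <c>AccessToken</c> is the new token, or null when no token could be obtained.
        /// </returns>
        /// <remarks>
        /// NOTE(review): this is a GET handler that rotates stored credentials and returns a bearer
        /// token in the response body. GET requests are normally outside antiforgery validation and
        /// may be cached or logged by intermediaries; consider a POST handler and a
        /// <c>Cache-Control: no-store</c> response. Confirm how the caller in site.js uses it.
        /// </remarks>
        public async Task<IActionResult> OnGetRefreshAccessToken()
        {
            if (User == null)
            {
                return Unauthorized();
            }

            // The lookup can come back empty (for example for an anonymous principal); without
            // this guard the RefreshToken access below would throw a NullReferenceException.
            var user = await _userManager.GetUserAsync(User);
            if (user == null)
            {
                return Unauthorized();
            }

            // No stored refresh token: skip the token endpoint entirely so the client secret is not
            // sent along with a request that cannot succeed. Same response shape as a failed refresh.
            if (string.IsNullOrEmpty(user.RefreshToken))
            {
                return new JsonResult(new { AccessToken = (string)null });
            }

            var request = new Oauth2Request
            {
                ClientId     = _clientId,
                ClientSecret = _clientSecret,
                RefreshToken = user.RefreshToken,
                GrantType    = "refresh_token"
            };

            var result = await Post<Oauth2Request, Oauth2Response>(request, "oauth2", "token");

            if (result?.Response != null)
            {
                // Update the user's tokens here, since a refresh token is valid for only one request.
                await UpdateUserTokensAsync(user, result.Response.AccessToken, result.Response.RefreshToken);
            }

            return new JsonResult(new { AccessToken = result?.Response?.AccessToken });
        }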
Beispiel #3
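        /// <summary>
        /// Exchanges an authorization code for an access token and refresh token, and stores them
        /// for the signed-in user so the account can be accessed at a later time.
        /// </summary>
        /// <remarks>
        /// When an account has been created or the user has authorized you to access their account,
        /// a JS event is triggered with key 'client.authenticated'. Register a listener for it and
        /// pass the provided authorizationCode to this handler. Check site.js for an example.
        /// NOTE(review): the code arrives as a GET parameter, so it can end up in access logs and
        /// browser history. Nothing visible here ties the code to the authorization request that
        /// this user started (for example a state value); confirm that binding exists elsewhere.
        /// </remarks>
        /// <param name="authorizationCode">Authorization code delivered by the client-side event.</param>
        /// <returns>
        /// <c>BadRequest</c> when no code is supplied; otherwise a JSON object whose
        /// <c>AccessToken</c> is the issued token, or null when the exchange produced no response.
        /// </returns>
        public async Task<IActionResult> OnGetClientAuthenticated(string authorizationCode)
        {
            // Reject an empty code up front rather than sending the client secret with a request
            // that cannot succeed.
            if (string.IsNullOrWhiteSpace(authorizationCode))
            {
                return BadRequest();
            }

            var request = new Oauth2Request
            {
                ClientId     = _clientId,
                ClientSecret = _clientSecret,
                Code         = authorizationCode,
                GrantType    = "authorization_code"
            };
            var result = await Post<Oauth2Request, Oauth2Response>(request, "oauth2", "token");

            if (result?.Response != null && User != null)
            {
                // The lookup can come back empty (for example for an anonymous principal); only
                // persist the tokens when there is a user record to attach them to.
                var user = await _userManager.GetUserAsync(User);
                if (user != null)
                {
                    await UpdateUserTokensAsync(user, result.Response.AccessToken, result.Response.RefreshToken);
                }
            }

            return new JsonResult(new { AccessToken = result?.Response?.AccessToken });
        }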