public async Task <IActionResult> Refresh([FromBody] RefreshTokenRequestModel requestModel)
{
var username = GetPrincipalFromExpiredToken(requestModel.OldAccessToken).Identity.Name;
var user = await _userRepository.GetUserByLogin(username);
var savedRefreshToken = _libraryContext.RefreshTokens
.Where(x => x.User.Login == username && x.Token == requestModel.OldRefreshToken)
.Select(x => x.Token)
.FirstOrDefault();
if (savedRefreshToken != requestModel.OldRefreshToken)
{
throw new SecurityTokenException("Invalid refresh token");
}
_logger.LogInformation($"Attempt to refresh token for user {username} at {DateTime.Now}");
await _tokenRepository.DeleteAsync(_tokenRepository.GetAll().
Where(p => p.Token == requestModel.OldRefreshToken && p.UserId == user.Id)
.Select(p => p.Id)
.FirstOrDefault());
_logger.LogInformation($"{username} was updated in database at {DateTime.Now} with new refresh-token");
return(await Token(username));
}
public async Task RefreshToken_ReturnsTokenInfo()
{
if (!File.Exists(TokenSettingFilePath))
{
await GetToken_ReturnsTokenInfo();
}
var content = File.ReadAllText(TokenSettingFilePath);
var tokenSettings = JsonConvert.DeserializeObject <TokenSettings>(content);
var requestModel = new RefreshTokenRequestModel()
{
RefreshToken = tokenSettings.RefreshToken,
};
TokenResponseModel result = await ApiFactory.CreateAuthClient()
.RefreshToken(requestModel)
.Retry(3, TimeSpan.FromSeconds(2))
.WhenCatch <HttpStatusFailureException>(ex => ex.StatusCode == System.Net.HttpStatusCode.RequestTimeout);
Assert.NotNull(result);
Assert.NotEmpty(result.AccessToken);
WriteTokenSettings(result);
}
public async Task <TokenResponseModel> RefreshTokenAsync(RefreshTokenRequestModel tokenRequestModel)
{
string accessToken = tokenRequestModel.AccessToken;
string refreshToken = tokenRequestModel.RefreshToken;
var principal = GetPrincipalFromExpiredToken(accessToken);
var username = principal.Identity.Name; //this is mapped to the Name claim by default
var user = await _userRepository.FirstOrDefault(u => u.Username == username);
if (user is null || user.RefreshToken != refreshToken || user.RefreshTokenExpiryTime <= DateTime.UtcNow)
{
return(null);
}
var newAccessToken = GenerateAccessToken(principal.Claims);
var newRefreshToken = GenerateRefreshToken();
user.RefreshToken = newRefreshToken;
await _userRepository.UpdateAsync(user);
return(new TokenResponseModel()
{
AccessToken = newAccessToken,
RefreshToken = newRefreshToken
});
}
public ResultInfo <AuthResponseModel> RefreshToken([FromBody] RefreshTokenRequestModel model)
{
var data = _authHelper.RefreshToken(model);
return(new ResultInfo <AuthResponseModel>
{
Code = ResponseResult.Success.Code.CodeString,
Data = data
});
}
public async Task <IActionResult> Logout([FromBody] RefreshTokenRequestModel tokens)
{
try
{
await _tokenRepository.DeleteAsync(await _tokenRepository.GetAll().Where(p => p.Token == tokens.OldRefreshToken).Select(p => p.Id).FirstOrDefaultAsync());
}
catch (Exception ex)
{
return(BadRequest(ex.Message.ToString()));
}
return(Ok());
}
public IActionResult RefreshAccessToken([FromBody] RefreshTokenRequestModel tokenRequest)
{
try
{
var refreshedTokens = _tokenHandlerService.RefreshAccessToken(tokenRequest.Token);
return(Ok(refreshedTokens));
}
catch (Exception e)
{
return(NotFound(e));
}
}
public async Task <JwtTokenManagerResponse> RefreshTokenAsync(RefreshTokenRequestModel refreshToken, Claim[] claims, string provider = "ApplicationProvider", string purpose = "RefreshToken")
{
if (refreshToken == null)
{
return(null);
}
ClaimsPrincipal validatedToken = GetPrincipalFromToken(refreshToken.AccessToken);
if (validatedToken == null)
{
return(null);
}
string userEmail = validatedToken.Claims.FirstOrDefault(x => x.Type == "Email").Value;
User userDetails = await _userManager.FindByEmailAsync(userEmail);
if (userDetails == null)
{
return(null);
}
bool validateRefreshToken = await _userManager.VerifyUserTokenAsync(userDetails, provider, purpose, refreshToken.RefreshToken);
if (!validateRefreshToken)
{
return(null);
}
string newRefreshToken = await GenerateRefreshToken(userDetails, provider, purpose);
if (newRefreshToken == null)
{
return(null);
}
string newAccessToken = GenerateAccessToken(claims);
if (newAccessToken == null)
{
return(null);
}
return(new JwtTokenManagerResponse
{
AccessToken = newAccessToken,
RefreshToken = newRefreshToken
});
}
public ActionResult RefreshToken([FromBody] RefreshTokenRequestModel model)
{
if (model == null)
{
throw new ArgumentNullException(nameof(model));
}
if (model.RefreshToken == null)
{
throw new UnauthorizedAccessException();
}
var newToken = _authService.RefreshToken(model.RefreshToken);
return(Ok(newToken));
}
public async Task <ActionResult> RefreshAsync(RefreshTokenRequestModel tokenApiModel)
{
if (tokenApiModel is null)
{
return(BadRequest("Invalid client request"));
}
var tokenApiResponseModel = await _tokenService.RefreshTokenAsync(tokenApiModel);
if (tokenApiResponseModel is null)
{
return(BadRequest("Invalid client request"));
}
return(Ok(tokenApiResponseModel));
}
public AuthResponseModel RefreshToken(RefreshTokenRequestModel model)
{
var token = TokenHelper.GetPayloadByJwtToken <RefreshTokenModel>(model.RefreshToken);
var user = CacheStoreHelper[CommonConstants.RefreshTokenPrefix + model.RefreshToken];
if (user == null)
{
throw new RefreshTokenWrong();
}
CacheStoreHelper.Remove(token.model.RefreshToken);
CacheStoreHelper.Remove(token.model.AccessToken);
var session = CreateSession(user.UserId, user.Groups);
var userModel = UserRepository.GetById(user.UserId);
if (userModel == null)
{
throw new CredentialWrong();
}
if (!userModel.IsActive)
{
throw new AcccountDeactivatedException();
}
//var groups = GroupRepository.GetGroupsByUserId(userModel.Id).ToArray();
return(new AuthResponseModel
{
AccessToken = session.AccessToken,
AccessTokenExpire = session.ExpirationTime,
RefreshToken = session.RefreshToken,
AuthInfo = new UserInfoModel
{
DisplayName = $"{userModel.LastName} {userModel.FirstName}",
UserId = userModel.Id,
Permissions = new List <string>(), // ToDo change
/*Email = userModel.Email,
* AvatarId = userModel.PhotoId,
* FirstName = userModel.FirstName,
* LastName = userModel.LastName,*/
//TimestampOfBirth = userModel.BirthDate.UnixDateTime(),
//Groups = groups.Select(t => new GroupInfoModel
//{
// Id = t.Id,
// Name = t.Name
//})
}
});
}
public async Task <IActionResult> Refresh([FromBody] RefreshTokenRequestModel model)
{
var authResponse = await _userService.RefreshTokenAsync(model.Token, model.RefreshToken);
if (!authResponse.Success)
{
return(BadRequest(authResponse.Message));
}
var successfulAuthResult = new Models.Transfer.UserLoginResponseModel
{
Token = authResponse.Token,
RefreshToken = authResponse.RefreshToken
};
return(Ok(successfulAuthResult));
}
public async Task <JwtManagerResponse> RefreshTokenAsync(RefreshTokenRequestModel refreshTokenRequest)
{
if (refreshTokenRequest == null)
{
throw new EShopperException("Please provide required information!");
}
var validatedToken = GetPrincipalFromToken(refreshTokenRequest.AccessToken);
if (validatedToken == null)
{
throw new EShopperException("Invalid Access Token!");
}
string userEmail = validatedToken.Claims.FirstOrDefault(x => x.Type == UserClaimsType.Email).Value;
var userDetails = await _eShopperUserManager.FindByEmailAsync(userEmail);
if (userDetails == null)
{
throw new EShopperException("User not found!");
}
var validateRefreshToken = await _eShopperUserManager.VerifyUserTokenAsync(userDetails, "EShopperAuthentication", "RefreshToken", refreshTokenRequest.RefreshToken);
if (!validateRefreshToken)
{
// Invalid Refresh Token!
throw new EShopperException("This refresh token is invalid!");
}
var newClaims = await GenerateClaims(userDetails);
var newRefreshToken = await GenerateRefreshToken(userDetails, "EShopperAuthentication");
var newAccessToken = GenerateToken(newClaims);
return(new JwtManagerResponse
{
AccessToken = newAccessToken,
RefreshToken = newRefreshToken
});
}
private async Task <string> RefreshTokenAsync <T>() where T : IAccessModel
{
var refreshToken = await _localStorage.GetItemAsync <string>(LocalStorageKey.RefreshToken.ToString());
if (string.IsNullOrWhiteSpace(refreshToken))
{
throw new ApplicationException("Something went wrong during the refresh token action");
}
var deviceId = await _localStorage.GetItemAsync <string>(LocalStorageKey.DeviceId.ToString());
if (string.IsNullOrWhiteSpace(deviceId))
{
throw new ApplicationException("Something went wrong during the refresh token action");
}
var requestModel = new RefreshTokenRequestModel()
{
Token = refreshToken,
ClientType = ClientType.Web,
DeviceId = deviceId
};
var result = await _requestSenderService
.SendAsync <ApiResponse <T> >(HttpMethod.Post, "https://dev-auth.op.today/v1/identity/login/refresh", requestModel);
if (!result.Success)
{
throw new ApplicationException("Something went wrong during the refresh token action");
}
var authToken = result.Data.GetAuthToken();
await _localStorage.SetItemAsync(LocalStorageKey.AuthToken.ToString(), authToken);
await _localStorage.SetItemAsync(LocalStorageKey.RefreshToken.ToString(), result.Data.GetRefreshToken());
_requestSenderService.Client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("bearer", authToken);
_authStateProvider.NotifyUserAuthentication(result.Data.GetAuthToken());
return(authToken);
}
public async Task <IActionResult> Refresh([FromBody] RefreshTokenRequestModel request)
{
var authResponse = await _identityService.RefreshTokenAsync(request.authToken, request.RefreshToken);
if (!authResponse.Success)
{
if (authResponse.Errors.FirstOrDefault(w => w.Contains("This token hasn't expired yet")) != null)
{
return(NoContent());
}
return(Unauthorized(new ErrorResponseModel(authResponse.Errors)));
}
await DeactivateCurrentTokenAsync();
return(Ok(new AuthSuccessResponseModel
{
authToken = authResponse.AuthToken,
refreshToken = authResponse.RefreshToken
}));
}
public async Task <GenericResult <LoginResponseModel> > AuthenticateWithRefreshToken(RefreshTokenRequestModel model)
{
throw new System.NotImplementedException();
}
public async Task <GenericResult <LoginResponseModel> > RefreshToken([FromBody] RefreshTokenRequestModel model)
{
var response = await _authenticationService.AuthenticateWithRefreshToken(model);
return(response);
}
/// <summary>
/// 刷新token <see cref="IAuthContract.RefreshToken"/>
/// </summary>
/// <param name="requestModel"></param>
/// <param name="timeout"></param>
/// <param name="cancellationToken"></param>
/// <returns></returns>
public ITask <TokenResponseModel> RefreshToken(
RefreshTokenRequestModel requestModel,
TimeSpan?timeout = null, CancellationToken cancellationToken = default)
{
return(AuthContract.RefreshToken(requestModel, timeout, cancellationToken));
}
public async Task <IActionResult> RefreshToken([FromBody] RefreshTokenRequestModel model)
{
var response = await _accountService.RefreshTokenAsync(model.RefreshToken);
return(Json(new JsonResponse <TokenResponseModel>(response)));
}
