Beispiel #1
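        /// <summary>
        /// Exchanges an expired access token and its refresh token for a new token pair.
        /// The refresh token is rotated: the newly generated value replaces the stored one.
        /// </summary>
        /// <param name="model">Request body carrying the expired JWT (<c>Token</c>) and the refresh token (<c>RefreshToken</c>).</param>
        /// <returns>
        /// 200 with <c>access_token</c>, <c>refresh_token</c> and <c>expires_date</c> on success;
        /// 401 with the exception message when an <see cref="ArgumentException"/> is raised.
        /// </returns>
        public async Task <ActionResult> RefreshToken([FromBody] UserRefreshTokenModel model)
        {
            try
            {
                // A missing body or an empty refresh token is rejected up front, so it can
                // never be compared against an equally empty stored value.
                if (model == null || string.IsNullOrEmpty(model.RefreshToken))
                {
                    throw new ArgumentException(ErrorMessage.INVALIDREFRESHTOKEN.ToString());
                }

                // NOTE(review): GetPrincipalFromExpiredToken is defined elsewhere. It has to keep
                // verifying signature, issuer and audience and skip only the lifetime check;
                // confirm, because the identity used below comes entirely from this token.
                var principal = GetPrincipalFromExpiredToken(model.Token);
                var email     = principal?.Identity?.Name;

                if (string.IsNullOrEmpty(email))
                {
                    throw new ArgumentException(ErrorMessage.INVALIDREFRESHTOKEN.ToString());
                }

                var savedRefreshToken = await _accountService.GetRefreshToken(email);

                // Fail closed when nothing is stored for this account: with the bare inequality
                // test, a null stored value and a null submitted value compared as equal.
                // NOTE(review): this comparison is not constant-time. Where the target framework
                // provides CryptographicOperations.FixedTimeEquals, compare the UTF-8 bytes with it.
                if (string.IsNullOrEmpty(savedRefreshToken) || savedRefreshToken != model.RefreshToken)
                {
                    throw new ArgumentException(ErrorMessage.INVALIDREFRESHTOKEN.ToString());
                }

                var newJwtToken     = GenerateToken(principal.Claims);
                var newRefreshToken = GenerateRefreshToken();

                // Overwrite the stored value so the presented refresh token cannot be replayed.
                await _accountService.SaveRefreshToken(email, newRefreshToken);

                var now = DateTime.UtcNow;

                var response = new
                {
                    access_token  = newJwtToken,
                    refresh_token = newRefreshToken,
                    expires_date  = now.Add(TimeSpan.FromMinutes(AuthOptions.LIFETIME))
                };

                return(Ok(response));
            }
            catch (ArgumentException aex)
            {
                // NOTE(review): the message of any ArgumentException raised above, including ones
                // from helpers not shown here, is echoed to the caller. Confirm none of them
                // carries token-parsing or internal detail.
                return(Unauthorized(aex.Message));
            }
        }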
        /// <summary>
        /// Looks up the stored refresh token, loads the user it belongs to and issues a new
        /// auth token built from that user's claims.
        /// </summary>
        /// <param name="userRefreshTokenModel">Model whose <c>RefreshToken</c> value is passed to the token provider lookup.</param>
        /// <returns>A <c>RefreshTokenResponse</c> wrapping the newly generated token.</returns>
        /// <remarks>
        /// NOTE(review): nothing in this method checks that the lookup found a token, that it is
        /// unexpired and unrevoked, or that the user still exists and is enabled. Presumably the
        /// provider and adapter enforce this; verify. A null lookup result would fail on the
        /// <c>UserId</c> access. The presented refresh token is also not rotated here; confirm
        /// whether <c>GenerateNewToken</c> takes care of that.
        /// </remarks>
        public async Task <VsfResponse> RefreshToken(UserRefreshTokenModel userRefreshTokenModel)
        {
            var storedToken = await _userTokenProvider.GetRefreshToken(userRefreshTokenModel.RefreshToken);
            var tokenOwner  = await _userAdapter.GetUserById(storedToken.UserId);

            // Claims are materialised into a list before being handed to the token provider.
            var issuedToken = await _userTokenProvider.GenerateNewToken(
                _userClaimsProvider.GetClaims(tokenOwner).ToList());

            return new RefreshTokenResponse(issuedToken);
        }
 /// <summary>
 /// HTTP entry point for token refresh: forwards the request body to the user endpoint and
 /// wraps the result in a 200 response.
 /// </summary>
 /// <param name="userRefreshTokenModel">Refresh request bound from the request body.</param>
 /// <returns>200 OK carrying whatever <c>_userEndpoint.RefreshToken</c> returns.</returns>
 /// <remarks>
 /// NOTE(review): no model validation or null check on the bound body is visible here, and
 /// failures in the endpoint are not translated to a 401; confirm that filters or middleware
 /// outside this listing handle both.
 /// </remarks>
 public async Task <IHttpActionResult> Refresh([FromBody] UserRefreshTokenModel userRefreshTokenModel)
 {
     var refreshResult = await _userEndpoint.RefreshToken(userRefreshTokenModel);

     return Ok(refreshResult);
 }