public async Task <IHttpActionResult> Post(AuthorizationRefresh entity, CancellationToken ct) { if (entity == null) { ModelState.AddModelError("entity", Resources.ModelValidation_RequiredScoped); return(Request.CreateBadRequestResult(Resources.BadRequestErrorMessage, ModelState)); } var applicationIdDecoded = entity.ApplicationId; var refreshTokenDecoded = Guid.Parse(entity.RefreshToken.DecodeFromBase64ASCII()); await _uow.BeginAsync(ct); var apiApplication = await _uow.Security.Applications.GetByIdAsync(applicationIdDecoded, ct); if (apiApplication == null) { ModelState.AddModelError( "request.ApplicationId", Resources.Conflict_Authorizations_ApiApplicationNotFoundScoped); return(Request.CreateConflictResponse(Resources.Conflict_Shared_GenericMessage, ModelState)); } var authenticationToken = await _uow.ExecuteQueryAndGetFirstOrDefaultAsync( _uow.Security.ApiAuthenticationTokens.GetAllAndFetch(e => e.BaseApiUser) .Where(at => at.ApiApplicationId == applicationIdDecoded && at.RefreshToken == refreshTokenDecoded), ct); if (authenticationToken == null) { ModelState.AddModelError( "request.RefreshToken", Resources.Conflict_Authorizations_RefreshTokenNotFound); return(Request.CreateConflictResponse(Resources.Conflict_Shared_GenericMessage, ModelState)); } // Always create a new access token var authenticationAccessToken = new ApiAuthenticationAccessToken { AccessToken = Guid.NewGuid(), ExpirationDate = DateTime.Now.AddHours(1) }; authenticationToken.ApiAuthenticationAccessTokens.Add(authenticationAccessToken); await _uow.CommitAsync(ct); entity.Authorization = new Authorization { AccessToken = authenticationAccessToken.AccessToken.ToString().EncodeToBase64ASCII(), RefreshToken = authenticationToken.RefreshToken.ToString().EncodeToBase64ASCII(), ExpiresIn = (int)authenticationAccessToken.ExpirationDate.Subtract(DateTime.Now).TotalMinutes, UserName = authenticationToken.BaseApiUser.UserName }; return(Created(entity)); }
public async Task <IHttpActionResult> Post(AuthorizationRequest entity, CancellationToken ct) { if (entity == null) { ModelState.AddModelError("entity", Resources.ModelValidation_RequiredScoped); return(Request.CreateBadRequestResult(Resources.BadRequestErrorMessage, ModelState)); } await _uow.BeginAsync(ct); var user = await GetUserAsync(entity.UserName.Trim().ToLowerInvariant(), entity.Password, ct); if (user == null) { return(Request.CreateConflictResponse(Resources.Conflict_Authorizations_InvalidCredentials)); } if (!user.EmailConfirmed) { return(Request.CreateConflictResponse(Resources.Conflict_Authorizations_MissingEmailConfirmation)); } // Try to find an existing token for the application var authenticationToken = await GetApiAuthenticationTokenAsync(user.Id, entity.ApplicationId, ct); if (authenticationToken == null) { // Searches if the application exists var application = await GetApiApplicationUserAsync(entity.ApplicationId, ct); if (application == null) { ModelState.AddModelError( "request.ApplicationId", Resources.Conflict_Authorizations_ApiApplicationNotFoundScoped); return(Request.CreateConflictResponse(Resources.Conflict_Shared_GenericMessage, ModelState)); } // Create a new global refresh token without any access tokens authenticationToken = await AddApiAuthenticationTokenAsync(user, application, ct); } // Always create a new access token with a TTL of 1h var authenticationAccessToken = new ApiAuthenticationAccessToken { AccessToken = Guid.NewGuid(), ExpirationDate = DateTime.Now.AddHours(1) }; authenticationToken.ApiAuthenticationAccessTokens.Add(authenticationAccessToken); await _uow.CommitAsync(ct); entity.Authorization = new Authorization { AccessToken = authenticationAccessToken.AccessToken.ToString() .EncodeToBase64ASCII(), RefreshToken = authenticationToken.RefreshToken.ToString().EncodeToBase64ASCII(), ExpiresIn = (int) authenticationAccessToken.ExpirationDate.Subtract(DateTime.Now) .TotalMinutes, UserName = user.UserName }; return(Created(entity)); }