public async Task <IHttpActionResult> Post(AuthorizationRefresh entity, CancellationToken ct)
{
if (entity == null)
{
ModelState.AddModelError("entity", Resources.ModelValidation_RequiredScoped);
return(Request.CreateBadRequestResult(Resources.BadRequestErrorMessage, ModelState));
}
var applicationIdDecoded = entity.ApplicationId;
var refreshTokenDecoded = Guid.Parse(entity.RefreshToken.DecodeFromBase64ASCII());
await _uow.BeginAsync(ct);
var apiApplication = await _uow.Security.Applications.GetByIdAsync(applicationIdDecoded, ct);
if (apiApplication == null)
{
ModelState.AddModelError(
"request.ApplicationId", Resources.Conflict_Authorizations_ApiApplicationNotFoundScoped);
return(Request.CreateConflictResponse(Resources.Conflict_Shared_GenericMessage, ModelState));
}
var authenticationToken =
await _uow.ExecuteQueryAndGetFirstOrDefaultAsync(
_uow.Security.ApiAuthenticationTokens.GetAllAndFetch(e => e.BaseApiUser)
.Where(at =>
at.ApiApplicationId == applicationIdDecoded &&
at.RefreshToken == refreshTokenDecoded), ct);
if (authenticationToken == null)
{
ModelState.AddModelError(
"request.RefreshToken", Resources.Conflict_Authorizations_RefreshTokenNotFound);
return(Request.CreateConflictResponse(Resources.Conflict_Shared_GenericMessage, ModelState));
}
// Always create a new access token
var authenticationAccessToken =
new ApiAuthenticationAccessToken
{
AccessToken = Guid.NewGuid(),
ExpirationDate = DateTime.Now.AddHours(1)
};
authenticationToken.ApiAuthenticationAccessTokens.Add(authenticationAccessToken);
await _uow.CommitAsync(ct);
entity.Authorization =
new Authorization
{
AccessToken = authenticationAccessToken.AccessToken.ToString().EncodeToBase64ASCII(),
RefreshToken = authenticationToken.RefreshToken.ToString().EncodeToBase64ASCII(),
ExpiresIn = (int)authenticationAccessToken.ExpirationDate.Subtract(DateTime.Now).TotalMinutes,
UserName = authenticationToken.BaseApiUser.UserName
};
return(Created(entity));
}
public async Task <IHttpActionResult> Post(AuthorizationRequest entity, CancellationToken ct)
{
if (entity == null)
{
ModelState.AddModelError("entity", Resources.ModelValidation_RequiredScoped);
return(Request.CreateBadRequestResult(Resources.BadRequestErrorMessage, ModelState));
}
await _uow.BeginAsync(ct);
var user = await GetUserAsync(entity.UserName.Trim().ToLowerInvariant(), entity.Password, ct);
if (user == null)
{
return(Request.CreateConflictResponse(Resources.Conflict_Authorizations_InvalidCredentials));
}
if (!user.EmailConfirmed)
{
return(Request.CreateConflictResponse(Resources.Conflict_Authorizations_MissingEmailConfirmation));
}
// Try to find an existing token for the application
var authenticationToken = await GetApiAuthenticationTokenAsync(user.Id, entity.ApplicationId, ct);
if (authenticationToken == null)
{
// Searches if the application exists
var application = await GetApiApplicationUserAsync(entity.ApplicationId, ct);
if (application == null)
{
ModelState.AddModelError(
"request.ApplicationId", Resources.Conflict_Authorizations_ApiApplicationNotFoundScoped);
return(Request.CreateConflictResponse(Resources.Conflict_Shared_GenericMessage, ModelState));
}
// Create a new global refresh token without any access tokens
authenticationToken =
await AddApiAuthenticationTokenAsync(user, application, ct);
}
// Always create a new access token with a TTL of 1h
var authenticationAccessToken =
new ApiAuthenticationAccessToken
{
AccessToken = Guid.NewGuid(),
ExpirationDate = DateTime.Now.AddHours(1)
};
authenticationToken.ApiAuthenticationAccessTokens.Add(authenticationAccessToken);
await _uow.CommitAsync(ct);
entity.Authorization =
new Authorization
{
AccessToken =
authenticationAccessToken.AccessToken.ToString()
.EncodeToBase64ASCII(),
RefreshToken =
authenticationToken.RefreshToken.ToString().EncodeToBase64ASCII(),
ExpiresIn =
(int)
authenticationAccessToken.ExpirationDate.Subtract(DateTime.Now)
.TotalMinutes,
UserName = user.UserName
};
return(Created(entity));
}
