public string Refresh(string referenceCode, string expiredToken)
{
string claimId = _dataProtectionService.Unprotect(referenceCode);
string token = _memoryCache.GetString(claimId);
if (!string.IsNullOrEmpty(token))
{
DateTime expire = DateTime.UtcNow.AddHours(HOURS_TO_EXPIRE);
JwtSecurityToken jwtSecurityToken = new JwtSecurityToken(token);
ICollection <Claim> clonedClaims = jwtSecurityToken.Claims.Where(x => x.Type != JwtRegisteredClaimNames.Exp).ToList();
clonedClaims.Add(new Claim(JwtRegisteredClaimNames.Exp, ToUnixDate(expire).ToString()));
JwtSecurityToken newToken = new JwtSecurityToken(
issuer: _jwtConfiguration.Issuer,
audience: _jwtConfiguration.Issuer,
claims: clonedClaims,
signingCredentials: _jwtConfiguration.SigningCredentials);
string encodedJwt = new JwtSecurityTokenHandler().WriteToken(newToken);
//Save to cache. TODO: persist?
DistributedCacheEntryOptions cacheEntryOptions = new DistributedCacheEntryOptions().SetAbsoluteExpiration(expire.AddMinutes(10));
_memoryCache.Set(claimId, Encoding.UTF8.GetBytes(encodedJwt), cacheEntryOptions);
return(encodedJwt);
}
return(null);
}
/// <summary>
/// Converts the XML document which contains a version 2 config, to a version 3 config.
/// </summary>
/// <param name="root">Root node of the XML document.</param>
protected virtual void UpdateSettingsFrom2To3(XElement root)
{
XElement cloudStorageAcount = root.Element("cloud_storage_account");
if (cloudStorageAcount != null)
{
XElement cloudStorageCredentialsElement = new XElement("cloud_storage_credentials");
XElement cloudTypeElement = cloudStorageAcount.Element("cloud_type");
if (cloudTypeElement != null)
{
cloudStorageCredentialsElement.Add(new XElement("cloud_storage_id", cloudTypeElement.Value.ToLowerInvariant()));
}
XElement userElement = cloudStorageAcount.Element("username");
if (userElement != null)
{
cloudStorageCredentialsElement.Add(new XElement("username", EncryptProperty(userElement.Value)));
}
XElement passwordElement = cloudStorageAcount.Element("protected_password");
if (passwordElement != null)
{
byte[] passwordBytes = _dataProtectionService.Unprotect(passwordElement.Value);
SecureString password = SecureStringExtensions.BytesToSecureString(passwordBytes, Encoding.Unicode);
cloudStorageCredentialsElement.Add(new XElement("password", EncryptProperty(password.SecureStringToString())));
}
XElement urlElement = cloudStorageAcount.Element("url");
if (urlElement != null)
{
cloudStorageCredentialsElement.Add(new XElement("url", urlElement.Value));
}
XElement accessTokenElement = cloudStorageAcount.Element("oauth_access_token");
if (accessTokenElement != null)
{
cloudStorageCredentialsElement.Add(new XElement("access_token", EncryptProperty(accessTokenElement.Value)));
}
root.AddFirst(cloudStorageCredentialsElement);
}
}
public IActionResult LogOut(string ReferenceCode, string IdpName)
{
return(ActionHelper.TryCatchWithLoggerGeneric <IActionResult>(() =>
{
if (string.IsNullOrEmpty(ReferenceCode))
{
_logger.LogWarning("LogOut -> parameter reference code is null");
return BadRequest();
}
string idpUrl = _idpHelper.GetSingleLogoutUrl(IdpName);
if (string.IsNullOrEmpty(idpUrl))
{
throw new Exception(string.Concat("Auth -> idp url not found for idp ", idpUrl));
}
string token = _tokenService.Find(_dataProtectionService.Unprotect(ReferenceCode));
string idpReferenceId = string.Empty;
if (!string.IsNullOrEmpty(token))
{
JwtSecurityToken jwtToken = new JwtSecurityTokenHandler().ReadJwtToken(token);
idpReferenceId = jwtToken.Claims.FirstOrDefault(x => x.Type == JwtRegisteredClaimNames.NameId)?.Value;
}
_tokenService.Remove(ReferenceCode);
_sessionAuthLogger.LogInformation("Disconnessione effettuata correttamente dall' utente {0}", idpReferenceId);
ViewData["FormUrlAction"] = idpUrl;
if (_spidConfiguration.IdpType == Model.IDP.IdpType.FedERa)
{
ViewData["SPID"] = _spidConfiguration.SPDomain;
ViewData["SPURL"] = _spidConfiguration.LogoutCallback;
_traceLogger.LogInformation("LogoutReq_SPID: {0}|LogoutReq_SPURL: {1}", _spidConfiguration.SPDomain, _spidConfiguration.LogoutCallback);
return View("LogOutFedera");
}
SamlRequestOption samlRequestOption = _requestOptionFactory.GenerateLogoutRequestOption(IdpName);
if (samlRequestOption == null)
{
throw new Exception("Auth -> error on generate saml model option");
}
string samlrequest = _authRequest.PostableLogOutRequest(samlRequestOption, _spidConfiguration.CertificatePrivateKey);
ClearCookies();
this.SetCookie("SpidLogoutRequestId", samlRequestOption.Id.ToString(), 20);
ViewData["RelayState"] = Guid.NewGuid();
ViewData["SAMLRequest"] = samlrequest;
return View("LogOutSPID");
}, _logger));
}