public async Task <Token> ValidateRefreshTokenAsync(string refreshTokenId) { try { RefreshToken refreshToken = await _refreshTokenRepository.GetByIdAsync(refreshTokenId); if (refreshToken == null) { throw new NotFoundException("refresh token not found"); } Token token = new Token { Jwt = await GenerateAccessTokenAsync(refreshToken.User), Refresh = await GenerateRefreshTokenAsync(refreshToken.User.Id) }; await _refreshTokenRepository.DeleteAsync(refreshToken.Id); _storage.Save(); return(token); } catch (Exception ex) { throw ex; } }
public async Task <string> RefreshAccessToken(string refreshTokenStr) { var decodedRefreshToken = _refreshTokenDecoder.Decode(refreshTokenStr); if (decodedRefreshToken == null) { _logger.LogWarning("Cannot refresh access token - decoding failure"); return(null); } var refreshToken = await _refreshTokenRepository.GetByIdAsync(decodedRefreshToken.Id); if (refreshToken?.IsRevoked ?? false) { _logger.LogWarning("Cannot refresh access token - no such refresh token or token is revoked"); return(null); } return(_accessTokenService.Create(decodedRefreshToken.UserClaims)); }
public async Task <AuthenticationResult> RefreshTokenAsync(string token, string refreshToken) { var validatedToken = GetPrincipalFromToken(token); if (validatedToken == null) { return(new AuthenticationResult { Errors = new[] { "Invalid Token" } }); } var expiryDateUnix = long.Parse(validatedToken.Claims.Single(x => x.Type == JwtRegisteredClaimNames.Exp) .Value); var expiryDateTimeUtc = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc).AddSeconds(expiryDateUnix); if (expiryDateTimeUtc > DateTime.UtcNow) { return(new AuthenticationResult { Errors = new[] { "This token hasn't expired yet" } }); } var jti = validatedToken.Claims.Single(x => x.Type == JwtRegisteredClaimNames.Jti).Value; var storedRefreshToken = await refreshTokenRepository.GetByIdAsync(refreshToken) .ConfigureAwait(false); if (storedRefreshToken == null) { return(new AuthenticationResult { Errors = new[] { "This refresh token does not exist" } }); } if (DateTime.UtcNow > storedRefreshToken.ExpiryDate) { return(new AuthenticationResult { Errors = new[] { "This refresh token has expired" } }); } if (storedRefreshToken.Invalidated) { return(new AuthenticationResult { Errors = new[] { "This refresh token has been invalidated" } }); } if (storedRefreshToken.Used) { return(new AuthenticationResult { Errors = new[] { "This refresh token has been used" } }); } if (storedRefreshToken.JwtId != jti) { return(new AuthenticationResult { Errors = new[] { "This refresh token does not match this JWT" } }); } storedRefreshToken.Used = true; refreshTokenRepository.Update(storedRefreshToken); await refreshTokenRepository.SaveAsync().ConfigureAwait(false); var user = await userManager .FindByIdAsync(validatedToken.Claims.Single(x => x.Type == "id").Value) .ConfigureAwait(false); return(await GenerateAuthenticationResultForUserAsync(user).ConfigureAwait(false)); }
public async Task <string> GetRefreshTokenAsync(Guid clientId) { var entity = await _refreshTokenRepository.GetByIdAsync(clientId); return(entity?.RefreshToken); }