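/// <summary>
/// Builds a refresh-token record for the ticket carried by <paramref name="context"/> and
/// returns the raw token identifier to the OWIN pipeline through <c>context.SetToken</c>.
/// </summary>
/// <remarks>
/// Only the hash of the identifier is placed on the record; the raw value is what the client
/// receives. Nothing is issued when the ticket has no non-empty "client_id" property.
/// </remarks>
/// <param name="context">Token-creation context supplying the ticket and the OWIN environment.</param>
public void Create(AuthenticationTokenCreateContext context)
{
    // TryGetValue instead of the indexer: a ticket without a "client_id" entry would make the
    // indexer throw before the empty check below could take the intended "issue nothing" path.
    string clientid;
    if (!context.Ticket.Properties.Dictionary.TryGetValue("client_id", out clientid)
        || string.IsNullOrEmpty(clientid))
    {
        return;
    }

    // NOTE(review): Guid.NewGuid() is not documented as a cryptographic generator. This value is
    // a bearer secret, so consider System.Security.Cryptography.RandomNumberGenerator instead.
    var refreshTokenId = Guid.NewGuid().ToString("n");

    // The lifetime (minutes) arrives as a string in the OWIN environment. Parse it with the
    // invariant culture so the request thread's culture cannot change its meaning.
    // A missing value converts to 0, which yields a token that is already expired.
    var refreshTokenLifeTime = context.OwinContext.Get<string>("clientRefreshTokenLifeTime");
    var lifetimeMinutes = Convert.ToDouble(refreshTokenLifeTime, System.Globalization.CultureInfo.InvariantCulture);

    // One clock reading so that issue and expiry are derived from the same instant.
    var now = DateTime.UtcNow;

    var token = new RefreshToken()
    {
        // Store only the hash, so a leaked token table does not expose redeemable identifiers.
        RefreshTokenId = Helper.GetHash(refreshTokenId),
        ClientId = clientid,
        Subject = context.Ticket.Identity.Name,
        IssuedUtc = now,
        ExpiresUtc = now.AddMinutes(lifetimeMinutes)
    };

    context.Ticket.Properties.IssuedUtc = token.IssuedUtc;
    context.Ticket.Properties.ExpiresUtc = token.ExpiresUtc;

    // NOTE(review): despite the property name, TicketSerializer only serializes the ticket; it
    // adds no encryption or integrity protection. The data-protected form is the commented-out
    // context.SerializeTicket(). As written, write access to the store is enough to alter claims.
    // NOTE(review): Encoding.Default depends on the host code page, so arbitrary bytes are not
    // guaranteed to survive the round trip. Base64 would be lossless, but it changes the stored
    // format and must be switched together with the code that reads the value back.
    //token.ProtectedTicket = context.SerializeTicket();
    Microsoft.Owin.Security.DataHandler.Serializer.TicketSerializer serializer =
        new Microsoft.Owin.Security.DataHandler.Serializer.TicketSerializer();
    token.ProtectedTicket = System.Text.Encoding.Default.GetString(serializer.Serialize(context.Ticket));

    // NOTE(review): nothing visible here persists `token`. Confirm it is stored elsewhere,
    // otherwise the identifier handed out below can be neither redeemed nor revoked.
    context.SetToken(refreshTokenId);
}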
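/// <summary>
/// Issues an access token and a refresh token for <paramref name="appUser"/>, saves the
/// refresh-token record through <c>refreshTokenRepository</c>, and returns the fields of the
/// token response.
/// </summary>
/// <param name="appUser">User whose name, id and display name become claims.</param>
/// <param name="userRoles">Roles added as role claims; null is treated as "no roles".</param>
/// <param name="deviceId">Device identifier stored on the refresh-token record.</param>
/// <param name="deviceType">Device type stored on the refresh-token record.</param>
/// <returns>The response fields, including the raw refresh token identifier.</returns>
private Dictionary<string, string> GenerateTokenResponse(AppUser appUser, List<UserRoles> userRoles, string deviceId, DeviceType deviceType)
{
    // Configuration values are parsed with the invariant culture so that the request thread's
    // culture cannot change a lifetime such as "1.5".
    var invariant = System.Globalization.CultureInfo.InvariantCulture;
    var tokenExpiration = Convert.ToDouble(ConfigurationManager.AppSettings["AccessTokenExpireTime"], invariant);
    var refreshTokenLifeTime = Convert.ToDouble(ConfigurationManager.AppSettings["RefreshTokenExpireTime"], invariant);

    // One clock reading so both tokens are stamped from the same instant.
    var now = DateTime.UtcNow;

    ClaimsIdentity identity = new ClaimsIdentity(OAuthDefaults.AuthenticationType);
    identity.AddClaim(new Claim(ClaimTypes.Name, appUser.UserName));
    identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, appUser.Id.ToString()));
    identity.AddClaim(new Claim("displayName", appUser.Name));
    if (userRoles != null)
    {
        foreach (var userrole in userRoles)
        {
            identity.AddClaim(new Claim(ClaimTypes.Role, userrole.RoleName));
        }
    }

    var props = new AuthenticationProperties()
    {
        IssuedUtc = now,
        ExpiresUtc = now.Add(TimeSpan.FromMinutes(tokenExpiration)),
    };
    var ticket = new AuthenticationTicket(identity, props);
    var context = new Microsoft.Owin.Security.Infrastructure.AuthenticationTokenCreateContext(
        Request.GetOwinContext(),
        Startup.OAuthOptions.AccessTokenFormat,
        ticket);

    // The access token is sealed while the ticket still carries the access-token lifetime.
    var accessToken = Startup.OAuthOptions.AccessTokenFormat.Protect(ticket);

    // Capture the access-token timestamps now. The same ticket object is re-stamped with the
    // refresh-token lifetime below, and reading them afterwards would report the refresh
    // expiry in "expires" while "expires_in" still described the access token.
    var accessIssued = ticket.Properties.IssuedUtc.Value.ToString("R");
    var accessExpires = ticket.Properties.ExpiresUtc.Value.ToString("R");

    // NOTE(review): Guid.NewGuid() is not documented as a cryptographic generator. This value is
    // a bearer secret, so consider System.Security.Cryptography.RandomNumberGenerator instead.
    var refreshTokenId = Guid.NewGuid().ToString("n");
    var refreshToken = new RefreshToken()
    {
        // Store only the hash, so a leaked token table does not expose redeemable identifiers.
        RefreshTokenId = GenerateHash.GetHash(refreshTokenId),
        UserId = appUser.Id,
        IssuedUtc = now,
        ExpiresUtc = now.AddMinutes(refreshTokenLifeTime),
        DeviceId = deviceId,
        DeviceType = deviceType
    };

    // Re-stamp the shared ticket so the serialized copy carries the refresh-token lifetime.
    context.Ticket.Properties.IssuedUtc = refreshToken.IssuedUtc;
    context.Ticket.Properties.ExpiresUtc = refreshToken.ExpiresUtc;

    // NOTE(review): TicketSerializer only serializes; "ProtectedTicket" is neither encrypted nor
    // integrity-protected, so the refresh path trusts whatever the store returns.
    // NOTE(review): Encoding.Default depends on the host code page and is not guaranteed to
    // round-trip arbitrary bytes. The format is kept because the reader decodes the same way;
    // change both sides together (for example to Base64).
    Microsoft.Owin.Security.DataHandler.Serializer.TicketSerializer serializer =
        new Microsoft.Owin.Security.DataHandler.Serializer.TicketSerializer();
    refreshToken.ProtectedTicket = System.Text.Encoding.Default.GetString(serializer.Serialize(context.Ticket));

    //Save new token
    refreshTokenRepository.SaveRefreshToken(refreshToken);

    var tokenResponse = new Dictionary<string, string>();
    tokenResponse.Add("access_token", accessToken);
    tokenResponse.Add("token_type", "bearer");
    // Invariant formatting keeps expires_in a plain number whatever the thread culture is.
    tokenResponse.Add("expires_in", TimeSpan.FromMinutes(tokenExpiration).TotalSeconds.ToString(invariant));
    tokenResponse.Add("issued", accessIssued);
    tokenResponse.Add("expires", accessExpires);
    tokenResponse.Add("refresh_token", refreshTokenId);
    tokenResponse.Add("user_name", appUser.UserName);
    tokenResponse.Add("display_name", appUser.Name);
    return tokenResponse;
}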
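/// <summary>
/// Builds a bearer-token response for a locally authenticated <paramref name="userName"/>.
/// The access token lives for one day and the identity carries a fixed "user" role claim.
/// </summary>
/// <param name="userName">Name placed in the identity's name claim and echoed in the response.</param>
/// <returns>A JSON object with the access token, the provider-issued token and lifetime fields.</returns>
private JObject GenerateLocalAccessTokenResponse(string userName)
{
    var tokenExpiration = TimeSpan.FromDays(1);

    // One clock reading so issue and expiry come from the same instant.
    var now = DateTime.UtcNow;

    ClaimsIdentity identity = new ClaimsIdentity(OAuthDefaults.AuthenticationType);
    identity.AddClaim(new Claim(ClaimTypes.Name, userName));
    identity.AddClaim(new Claim("role", "user"));

    var props = new AuthenticationProperties()
    {
        IssuedUtc = now,
        ExpiresUtc = now.Add(tokenExpiration),
    };
    var ticket = new AuthenticationTicket(identity, props);
    var context = new Microsoft.Owin.Security.Infrastructure.AuthenticationTokenCreateContext(
        Request.GetOwinContext(),
        Startup.OAuthBearerOptions.AccessTokenFormat,
        ticket);

    // NOTE(review): the returned Task is neither awaited nor observed. If the provider completes
    // asynchronously, context.Token can still be unset when it is read below, and a failure in
    // the provider goes unnoticed. Making this method async and awaiting the call, or using the
    // provider's synchronous Create where it is implemented, would close that gap.
    Startup.OAuthBearerOptions.AccessTokenProvider.CreateAsync(context);

    // NOTE(review): this copies the provider-issued token into the ticket that is sealed into
    // the access token, so anything able to unprotect the access token also sees it.
    // Confirm that this is intended.
    context.Ticket.Properties.Dictionary.Add("refresh_token", context.Token);

    // The unused TicketSerializer local was removed; the access token comes from AccessTokenFormat.
    var accessToken = Startup.OAuthBearerOptions.AccessTokenFormat.Protect(ticket);

    JObject tokenResponse = new JObject(
        new JProperty("userName", userName),
        new JProperty("access_token", accessToken),
        // NOTE(review): "resfresh_token" looks like a misspelling of "refresh_token". It is kept
        // byte-for-byte because existing clients may read this key; rename with the clients.
        new JProperty("resfresh_token", context.Token),
        new JProperty("token_type", "bearer"),
        // Invariant formatting keeps expires_in a plain number whatever the thread culture is.
        new JProperty("expires_in", tokenExpiration.TotalSeconds.ToString(System.Globalization.CultureInfo.InvariantCulture)),
        new JProperty(".issued", ticket.Properties.IssuedUtc.ToString()),
        new JProperty(".expires", ticket.Properties.ExpiresUtc.ToString())
    );
    return tokenResponse;
}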
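/// <summary>
/// Exchanges a refresh token for a new access token and a new refresh token.
/// </summary>
/// <remarks>
/// The presented token is hashed and looked up through <c>refreshTokenRepository</c>. It is
/// accepted only if the record exists, has not expired, carries a stored ticket and matches
/// the caller's device type. Every failure, including an exception, returns the same
/// 410 Gone response, so the caller cannot tell which check failed.
/// </remarks>
/// <param name="refreshTokenModel">Request body carrying the refresh token and device type.</param>
/// <returns>200 with the new token fields, or 410 Gone with a generic message.</returns>
public IHttpActionResult GetAccessToken(RefreshTokenModel refreshTokenModel)
{
    ApiResponse apiResponse = new ApiResponse();
    apiResponse.Message = "Your session has expired. Kindly login again.";

    // A missing body gets the same generic answer without raising and logging an exception.
    if (refreshTokenModel == null)
    {
        return ResponseMessage(Request.CreateResponse(HttpStatusCode.Gone, apiResponse));
    }

    try
    {
        // Only hashes are stored, so the lookup key is the hash of the presented token.
        var getHashToken = GenerateHash.GetHash(refreshTokenModel.RefreshToken);
        var getRefreshTokenDetails = refreshTokenRepository.GetRefreshTokenDetail(getHashToken);

        // NOTE(review): only DeviceType is compared against the record, not DeviceId.
        // Confirm that this binding is as strict as intended.
        var isUsable = getRefreshTokenDetails != null
            && getRefreshTokenDetails.ExpiresUtc > DateTime.UtcNow
            && !string.IsNullOrEmpty(getRefreshTokenDetails.ProtectedTicket)
            && getRefreshTokenDetails.DeviceType == refreshTokenModel.DeviceType;

        if (isUsable)
        {
            // Configuration values are parsed with the invariant culture so that the request
            // thread's culture cannot change a lifetime such as "1.5".
            var invariant = System.Globalization.CultureInfo.InvariantCulture;
            var tokenExpiration = Convert.ToDouble(ConfigurationManager.AppSettings["AccessTokenExpireTime"], invariant);
            var refreshTokenLifeTime = Convert.ToDouble(ConfigurationManager.AppSettings["RefreshTokenExpireTime"], invariant);

            // One clock reading for every timestamp issued by this request.
            var currentTime = DateTime.UtcNow;

            // NOTE(review): TicketSerializer applies no integrity protection, so the identity
            // below is trusted exactly as stored. Whoever can write this column controls the
            // claims of the next access token.
            // NOTE(review): the claims are copied from the stored ticket, so role changes made
            // since the original login are not picked up here. Confirm that this is acceptable.
            Microsoft.Owin.Security.DataHandler.Serializer.TicketSerializer serializer =
                new Microsoft.Owin.Security.DataHandler.Serializer.TicketSerializer();
            var getSecurityClaims = serializer.Deserialize(
                System.Text.Encoding.Default.GetBytes(getRefreshTokenDetails.ProtectedTicket));

            //Generate New Refresh Token and Access Token
            var props = new AuthenticationProperties()
            {
                IssuedUtc = currentTime,
                ExpiresUtc = currentTime.Add(TimeSpan.FromMinutes(tokenExpiration)),
            };
            var ticket = new AuthenticationTicket(getSecurityClaims.Identity, props);
            var context = new Microsoft.Owin.Security.Infrastructure.AuthenticationTokenCreateContext(
                Request.GetOwinContext(),
                Startup.OAuthOptions.AccessTokenFormat,
                ticket);
            context.Ticket.Properties.Dictionary.Add(
                new KeyValuePair<string, string>("device_id", getRefreshTokenDetails.DeviceId));

            var accessToken = Startup.OAuthOptions.AccessTokenFormat.Protect(ticket);

            // Capture the access-token timestamps before the shared ticket is re-stamped with
            // the refresh-token lifetime. Reading them afterwards would report the refresh
            // expiry in "expires" while "expires_in" still described the access token.
            var accessIssued = ticket.Properties.IssuedUtc.Value.ToString("R");
            var accessExpires = ticket.Properties.ExpiresUtc.Value.ToString("R");

            // NOTE(review): Guid.NewGuid() is not documented as a cryptographic generator.
            // Consider System.Security.Cryptography.RandomNumberGenerator for this secret.
            var refreshTokenId = Guid.NewGuid().ToString("n");
            var refreshToken = new RefreshToken()
            {
                RefreshTokenId = GenerateHash.GetHash(refreshTokenId),
                DeviceId = getRefreshTokenDetails.DeviceId,
                DeviceType = refreshTokenModel.DeviceType,
                UserId = getRefreshTokenDetails.UserId,
                IssuedUtc = currentTime,
                ExpiresUtc = currentTime.AddMinutes(refreshTokenLifeTime),
            };

            context.Ticket.Properties.IssuedUtc = refreshToken.IssuedUtc;
            context.Ticket.Properties.ExpiresUtc = refreshToken.ExpiresUtc;

            // NOTE(review): Encoding.Default is not guaranteed to round-trip arbitrary bytes.
            // It is kept so that records already stored in this format stay readable.
            refreshToken.ProtectedTicket = System.Text.Encoding.Default.GetString(serializer.Serialize(context.Ticket));

            // NOTE(review): nothing visible here invalidates the refresh token that was just
            // redeemed. Unless SaveRefreshToken replaces the old record, it stays usable until
            // its ExpiresUtc. Confirm, and revoke on use if it does not.
            //SAVE Refresh token
            refreshTokenRepository.SaveRefreshToken(refreshToken);

            var tokenResponse = new Dictionary<string, string>();
            tokenResponse.Add("access_token", accessToken);
            tokenResponse.Add("token_type", "bearer");
            // Invariant formatting keeps expires_in a plain number whatever the thread culture is.
            tokenResponse.Add("expires_in", TimeSpan.FromMinutes(tokenExpiration).TotalSeconds.ToString(invariant));
            tokenResponse.Add("issued", accessIssued);
            tokenResponse.Add("expires", accessExpires);
            tokenResponse.Add("refresh_token", refreshTokenId);
            return ResponseMessage(Request.CreateResponse(HttpStatusCode.OK, tokenResponse));
        }
    }
    catch (Exception ex)
    {
        // Logged for operators; the client still gets only the generic 410 below.
        logger.Error(ex);
    }

    return ResponseMessage(Request.CreateResponse(HttpStatusCode.Gone, apiResponse));
}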