protected override bool ValidateToken(LoginToken token) => base.ValidateToken(token) && !string.IsNullOrWhiteSpace(token?.RefreshToken);
protected override async Task <IDictionary <string, string> > GetRequestParameters(LoginToken token)
{
var details = await _userLoginCommand.RetrieveAsync();
if (details.Cancelled)
{
throw new HttpSecurityException("The login process has been cancelled.");
}
var builder = _requestBuilder
.SetCredendials(details.Username, details.Password);
if (details.Additional.TryGetValue(SecurityTokenConstants.Scopes, out object scopesObject) && scopesObject is IEnumerable <string> scopes)
{
builder.AddScopes(scopes);
}
builder.SetClientId(token.ClientId)
.SetClientSecret(token.ClientSecret);
return(builder.Build());
}
protected override async Task OnHandleRequestAsync(HttpRequestMessage message, LoginToken token)
{
if (!_configuration.TryGet(SecurityTokenConstants.ApiConfiguration, out ApiConfiguration configuration))
{
throw new InvalidOperationException("There is no api configuration configured. Please ensure that it has been added to the security configuration.");
}
var parameters = await GetRequestParameters(token);
var request = new ApiCommandRequest(configuration.TokenEndpoint, parameters);
var response = await _apiCommand.ExecuteAsync(request);
var newToken = await response.TryGetContent <LoginToken>();
_configuration.Update(SecurityTokenConstants.LoginToken, newToken);
message.Headers.Authorization = new AuthenticationHeaderValue(SecurityTokenConstants.JwtAuthHeader, newToken.AccessToken);
}
protected abstract Task <IDictionary <string, string> > GetRequestParameters(LoginToken token);
protected virtual bool ValidateToken(LoginToken token) => token != null && !_validator.ReadJwtToken(token.AccessToken).HasExpired();
protected abstract Task OnHandleRequestAsync(HttpRequestMessage message, LoginToken token);