Example #1
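        /// <summary>
        /// Exchanges a refresh token for a new access-token / refresh-token pair and
        /// retires the refresh token that was presented.
        /// </summary>
        /// <param name="token">Request body; only <c>token.Refresh</c> is read here.</param>
        /// <returns>
        /// <c>Ok</c> with the new <c>Token</c> pair, or <c>Unauthorized</c> when the access
        /// token is absent, the request carries no refresh token, or the repository
        /// cannot store the new refresh token or delete the old one.
        /// </returns>
        /// <exception cref="SecurityTokenException">
        /// The presented refresh token is not stored for the user named in the access token.
        /// </exception>
        public IActionResult Refresh(Token token)
        {
            // A missing body or refresh value would otherwise surface as a
            // NullReferenceException (HTTP 500) instead of a clean rejection.
            if (token?.Refresh == null)
            {
                return Unauthorized();
            }

            var authorizationHeader = Request.Headers["Authorization"].ToString();
            var accessTokenAsString = JwtHelper.GetTokenSubstring(authorizationHeader);

            // NOTE(review): the helper apparently signals "no token" with the literal
            // string "null"; confirm it cannot also return an empty string or a real null.
            if (accessTokenAsString == "null")
            {
                return Unauthorized();
            }

            // NOTE(review): the user id below is taken from the access token. Confirm that
            // GetCredentialsFromToken verifies the token signature before it is trusted;
            // otherwise the id is attacker-controlled input.
            var userCredentials = JwtHelper.GetCredentialsFromToken(accessTokenAsString);
            if (userCredentials == null)
            {
                return Unauthorized();
            }

            // The lookup is keyed on both the refresh value and the user id, so a refresh
            // token is only accepted together with an access token for the same user.
            var savedRefreshToken = _refreshTokenRepository.GetUserRefreshToken(token.Refresh, userCredentials.Id);

            if (savedRefreshToken == null)
            {
                // NOTE(review): unlike the other failure paths this throws; unless the
                // pipeline maps SecurityTokenException to 401 the client will see a 500.
                throw new SecurityTokenException("Invalid refresh token!");
            }

            var newJwtToken     = _jwtHelper.GetAccessToken(userCredentials);
            var newRefreshToken = _jwtHelper.GetRefreshToken();

            // Rotation: the new refresh token is stored first, then the old one is removed.
            // NOTE(review): if the delete fails, the request is rejected but the new refresh
            // token stays in the repository; the two steps are also not atomic, so nothing
            // in this method stops two concurrent requests from redeeming the same refresh
            // token. Consider a single transactional "replace" operation in the repository.
            if (!_refreshTokenRepository.AddRefreshToken(newRefreshToken, userCredentials.Id))
            {
                return Unauthorized();
            }

            if (!_refreshTokenRepository.DeleteRefreshToken(savedRefreshToken))
            {
                return Unauthorized();
            }

            return Ok(new Token(newJwtToken, newRefreshToken));
        }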
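        /// <summary>
        /// Checks that the service reports failure (<c>false</c>) when the repository
        /// does not delete the given refresh token.
        /// </summary>
        /// <remarks>
        /// Returns a task rather than <c>void</c> so the test runner can await the method
        /// and observe a failing assertion; an <c>async void</c> method returns to its
        /// caller at the first <c>await</c>.
        /// </remarks>
        public async System.Threading.Tasks.Task DeleteRefreshTokenWithWrongToken()
        {
            // Arrange: the repository substitute answers "nothing deleted" for this token.
            string token = "token";
            _repo.DeleteRefreshToken(token).Returns(false);
            RefreshTokenService refreshService = new RefreshTokenService(_repo);

            // Act
            var result = await refreshService.DeleteRefreshToken(token);

            // Assert
            Assert.False(result);
        }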
Example #3
        /// <summary>
        /// Deletes a refresh token through the repository.
        /// </summary>
        /// <param name="token">
        /// The refresh token to delete. A null, empty or whitespace-only value is
        /// never passed to the repository.
        /// </param>
        /// <returns>
        /// The repository's result for a non-blank token; <c>false</c> for a blank one.
        /// </returns>
        public async Task<bool> DeleteRefreshToken(string token)
        {
            // Blank input cannot identify a stored token, so report failure
            // without touching the repository.
            if (string.IsNullOrWhiteSpace(token))
            {
                return false;
            }

            return await _repo.DeleteRefreshToken(token);
        }