C# (CSharp) IRefreshTokenRepository.FindAsync Examples

Example #1

        public async Task <JsonWebToken> CreateAccessTokenAsync(string token)
        {
            var refreshToken = await _refreshTokenRepository.FindAsync(x => x.Token == token);

            if (refreshToken == null)
            {
                throw new StocqresException("Refresh token was not found");
            }

            if (refreshToken.Revoked)
            {
                throw new StocqresException($"Refresh token: {refreshToken.Id} was revoked.");
            }

            var jwt = await _tokenService.CreateTokenForUser(refreshToken.UserId);

            jwt.RefreshToken = refreshToken.Token;

            return(jwt);
        }

Example #2

File: RefreshTokenRepositoryService.cs Project: Zexuz/MicroService.Login

        public async Task <bool> RevokeRefreshToken(int userId, string refreshToken)
        {
            var token = await _refreshTokenRepository.FindAsync(userId, refreshToken);

            if (token == null)
            {
                return(false);
            }

            if (!token.Valid)
            {
                return(true);
            }

            token.Valid   = false;
            token.Revoked = DateTimeOffset.Now;
            await _refreshTokenRepository.UpdateAsync(token);

            return(true);
        }

Example #3

        private async Task ValidateRequestAsync(IRefreshTokenRequest request)
        {
            _request = request;

            if (_request.ClientId == Guid.Empty || _request.ClientSecret == null)
            {
                throw new InvalidClientException("Invalid client credentials.");
            }

            if (_request.RefreshToken == null)
            {
                throw new InvalidGrantException("Refresh token could not be found");
            }

            _refreshToken = await _refreshTokenRepository.FindAsync(request.RefreshToken);

            if (_refreshToken == null || _refreshToken.IsExpired || _refreshToken.Application.ClientId != request.ClientId)
            {
                throw new InvalidGrantException("Refresh token could not be found.");
            }

            // If someone tries to use the same refresh token twice, disable the access token.
            if (_refreshToken.Used)
            {
                if (_refreshToken.AccessToken != null && !_refreshToken.AccessToken.IsExpired)
                {
                    _refreshToken.AccessToken.Disabled = true;
                    await _accessTokenRepository.SaveAsync();
                }

                throw new InvalidGrantException("Refresh token could not be found.");
            }

            await _authenticateClientService.AuthenticateAsync(_request.ClientId, _request.ClientSecret);

            // Make sure all requested scopes were requested in the original refresh token.
            if (request.Scope != null)
            {
                var scopes = request.Scope.Split(" ");
                foreach (var scope in scopes)
                {
                    // Only allow the refreshed token to use the scopes issued with the
                    // original token as per https://tools.ietf.org/html/rfc6749#section-6
                    var originalScopes = _refreshToken.AuthorizationCode.Scope.Split(" ");
                    if (originalScopes.All(scopeName => scopeName != scope))
                    {
                        throw new InvalidScopeException("The provided scope is invalid.");
                    }
                }
            }

            _scope = request.Scope ?? _refreshToken.Scope;
        }