Example #1
0
        public async Task <Token> ValidateRefreshTokenAsync(string refreshTokenId)
        {
            try
            {
                RefreshToken refreshToken = await _refreshTokenRepository.GetByIdAsync(refreshTokenId);

                if (refreshToken == null)
                {
                    throw new NotFoundException("refresh token not found");
                }

                Token token = new Token
                {
                    Jwt     = await GenerateAccessTokenAsync(refreshToken.User),
                    Refresh = await GenerateRefreshTokenAsync(refreshToken.User.Id)
                };

                await _refreshTokenRepository.DeleteAsync(refreshToken.Id);

                _storage.Save();

                return(token);
            }
            catch (Exception ex)
            {
                throw ex;
            }
        }
Example #2
0
        public async Task <string> RefreshAccessToken(string refreshTokenStr)
        {
            var decodedRefreshToken = _refreshTokenDecoder.Decode(refreshTokenStr);

            if (decodedRefreshToken == null)
            {
                _logger.LogWarning("Cannot refresh access token - decoding failure");
                return(null);
            }

            var refreshToken = await _refreshTokenRepository.GetByIdAsync(decodedRefreshToken.Id);

            if (refreshToken?.IsRevoked ?? false)
            {
                _logger.LogWarning("Cannot refresh access token - no such refresh token or token is revoked");
                return(null);
            }

            return(_accessTokenService.Create(decodedRefreshToken.UserClaims));
        }
Example #3
0
        public async Task <AuthenticationResult> RefreshTokenAsync(string token, string refreshToken)
        {
            var validatedToken = GetPrincipalFromToken(token);

            if (validatedToken == null)
            {
                return(new AuthenticationResult
                {
                    Errors = new[] { "Invalid Token" }
                });
            }

            var expiryDateUnix =
                long.Parse(validatedToken.Claims.Single(x => x.Type == JwtRegisteredClaimNames.Exp)
                           .Value);

            var expiryDateTimeUtc =
                new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc).AddSeconds(expiryDateUnix);

            if (expiryDateTimeUtc > DateTime.UtcNow)
            {
                return(new AuthenticationResult
                {
                    Errors = new[] { "This token hasn't expired yet" }
                });
            }

            var jti = validatedToken.Claims.Single(x => x.Type == JwtRegisteredClaimNames.Jti).Value;

            var storedRefreshToken = await refreshTokenRepository.GetByIdAsync(refreshToken)
                                     .ConfigureAwait(false);

            if (storedRefreshToken == null)
            {
                return(new AuthenticationResult
                {
                    Errors = new[] { "This refresh token does not exist" }
                });
            }

            if (DateTime.UtcNow > storedRefreshToken.ExpiryDate)
            {
                return(new AuthenticationResult
                {
                    Errors = new[] { "This refresh token has expired" }
                });
            }

            if (storedRefreshToken.Invalidated)
            {
                return(new AuthenticationResult
                {
                    Errors = new[] { "This refresh token has been invalidated" }
                });
            }

            if (storedRefreshToken.Used)
            {
                return(new AuthenticationResult
                {
                    Errors = new[] { "This refresh token has been used" }
                });
            }

            if (storedRefreshToken.JwtId != jti)
            {
                return(new AuthenticationResult
                {
                    Errors = new[] { "This refresh token does not match this JWT" }
                });
            }

            storedRefreshToken.Used = true;
            refreshTokenRepository.Update(storedRefreshToken);
            await refreshTokenRepository.SaveAsync().ConfigureAwait(false);

            var user = await userManager
                       .FindByIdAsync(validatedToken.Claims.Single(x => x.Type == "id").Value)
                       .ConfigureAwait(false);

            return(await GenerateAuthenticationResultForUserAsync(user).ConfigureAwait(false));
        }
        public async Task <string> GetRefreshTokenAsync(Guid clientId)
        {
            var entity = await _refreshTokenRepository.GetByIdAsync(clientId);

            return(entity?.RefreshToken);
        }