public async Task <IActionResult> RefreshToken([FromBody] RefreshTokenRequestDto dto, CancellationToken cancellationToken = default(CancellationToken)) { var tokenDto = _mapper.Map <TokenDto>(dto); if (!await _tokenService.CheckToken(tokenDto, cancellationToken)) { return(BadRequest(new ApiResponse(StatusCodes.Status400BadRequest))); } var newToken = await _tokenService.RefreshSecurityToken(tokenDto, cancellationToken); var response = new ApiOkResponse(newToken); return(Ok(response)); }
public async Task <LyciumToken> RefreshToken(long uid, string token) { //校验客户端 var host = _host.GetHost(HttpContext); if (_host.CheckHost(HttpContext, host)) { var serverToken = _token.GetToken(uid); if (serverToken != default && _token.CheckToken(token, serverToken)) { //判断是否存活 if (token == serverToken.PreContent && serverToken.IsAlive) { //存活就返回 _notifier.SendToken(host, serverToken); return(serverToken); } else if (serverToken.CanFlush) { //允许刷新,刷新内容 _token.RefreshAndNotifyToken(serverToken); return(serverToken); } else { _token.LogoutBroadcast(serverToken); } } } else { Response.StatusCode = 403; await Response.WriteAsync("检测到非法请求,请联系管理员!"); } return(null); }
public async Task InvokeAsync(HttpContext context) { try { string token = context.Request.Headers["Authorization"].ToString(); if (!tokenService.CheckToken(token)) { context.Response.StatusCode = 401; return; } await nextMiddleware(context); } catch (Exception ex) { exceptionLogger.Log(new ApplicationError(ex), LogLevel.Error, logConfiguration); context.Response.StatusCode = 401; } }
protected async override Task <AuthenticateResult> HandleAuthenticateAsync() { var token = await _tokenService.CheckToken(Request .Headers["Authorization"] .FirstOrDefault()? .Split(" ") .Last() ?? string.Empty); if (!token.IsValid) { return(AuthenticateResult.Fail($"{token.Error} {token.ErrorDescription}.")); } if (string.IsNullOrEmpty(token.UserName)) { return(AuthenticateResult.Fail("Not a user access.")); } var context = await _userContextService.GetInfo(token.UserName); var claims = context .Roles .Concat(context.TechnicalRoles) .Select(role => new Claim(ClaimTypes.Role, role)) .Append(new Claim(ClaimTypes.Name, context.Username)) .Append(new Claim(ClaimTypes.GivenName, context.FirstName)) .Append(new Claim(ClaimTypes.Surname, context.LastName)); var identity = new ClaimsIdentity(claims, Options.AuthenticationType); var identities = new List <ClaimsIdentity> { identity }; var principal = new ClaimsPrincipal(identities); var ticket = new AuthenticationTicket(principal, Options.Scheme); return(AuthenticateResult.Success(ticket)); }
public async Task Invoke(HttpContext httpContext, ITokenService service) { var token = ""; string requestPath = httpContext.Request.Path.Value; if (requestPath.Contains("Candidates") || requestPath.Contains("Employers") || requestPath.Contains("Skills")) { try { await next.Invoke(httpContext); } catch (Exception e) { await HandleErrorAsync(httpContext, e); return; } } else { try { token = httpContext.Request.Headers["authorization"].Single().Split(" ").Last().Trim(); } catch (Exception exception) { await HandleErrorAsync(httpContext, exception); return; } try { if (service.CheckToken(token)) { await next(httpContext); return; } } catch (Exception ex) { httpContext.Response.ContentType = "application/json"; httpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden; var lists = new List <string>(); lists.Add(ex.Message); await httpContext.Response.WriteAsync(JsonConvert.SerializeObject(new FailureResponse { Code = (int)HttpStatusCode.Forbidden, Error = lists })); return; } httpContext.Response.ContentType = "application/json"; httpContext.Response.StatusCode = (int)HttpStatusCode.OK; var list = new List <string>(); list.Add("401 Unauthorized"); await httpContext.Response.WriteAsync(JsonConvert.SerializeObject(new FailureResponse { Code = (int)HttpStatusCode.Unauthorized, Error = list })); return; } }