/// <summary>
/// Handles the refresh token presented with a "refresh_token" grant: looks the token up by
/// its hash, restores the stored ticket onto the context and removes the stored record.
/// </summary>
/// <param name="context">Receive context carrying the presented token and the OWIN context.</param>
/// <returns>A <see cref="Task"/> that completes once the lookup and, for a known token, the removal have finished.</returns>
public override async Task ReceiveAsync(AuthenticationTokenReceiveContext context)
{
    var owin = context.OwinContext;

    // NOTE(review): when nothing is stored under OwinKeys.ClientAllowedOrigin the header falls
    // back to "*", so the token response becomes readable from any origin. Confirm that an
    // unset value is really meant to be treated as "allow all" rather than as "no CORS".
    // NOTE(review): Headers.Add is used rather than a set/replace call; if another component
    // has already written this header the result is host-dependent (error or duplicate value).
    var origin = owin.Get<string>(OwinKeys.ClientAllowedOrigin) ?? "*";
    owin.Response.Headers.Add("Access-Control-Allow-Origin", new[] { origin });

    // The store is queried with the hash of the presented token, never the raw value.
    var tokenHash = IdentityUtil.ComputeHash(context.Token);
    var store = GetIdentityStore();
    var stored = await store.FindRefreshToken(tokenHash);
    if (stored == null)
    {
        // Unknown token: DeserializeTicket is not called, so no ticket is restored here.
        return;
    }

    // NOTE(review): the stored record's client and expiry are not compared against the
    // request in this method; presumably that happens in the grant handler, so verify it.
    context.DeserializeTicket(stored.ProtectedTicket);

    // The record is removed after use, which makes the token single-use.
    // NOTE(review): find and remove are two separate awaits, so two concurrent requests with
    // the same token could both pass the lookup before either removal lands. An atomic
    // "remove and report whether a row was deleted" store operation would close that window.
    await store.RemoveRefreshToken(tokenHash);
}
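/// <summary>
/// Builds the record for a newly issued refresh token and stamps the same issue and expiry
/// times onto the ticket's properties.
/// </summary>
/// <param name="ticket">Ticket the refresh token is issued for; its properties are modified.</param>
/// <param name="refreshTokenId">Raw refresh token identifier; only its hash is placed on the record.</param>
/// <param name="clientId">Client the token is issued to.</param>
/// <param name="expiresInMinutes">Lifetime in minutes, counted from the issue time.</param>
/// <returns>The populated <see cref="RefreshToken"/>.</returns>
private static RefreshToken CreateRefreshToken([NotNull] AuthenticationTicket ticket, [NotNull] string refreshTokenId, [NotNull] string clientId, double expiresInMinutes)
{
    // NOTE(review): Contract.Requires only takes effect when Code Contracts rewriting is
    // enabled for the build; without it these calls are compiled out, so they must not be
    // the only validation of caller-supplied values.
    Contract.Requires(ticket != null);
    Contract.Requires(!string.IsNullOrEmpty(refreshTokenId));
    Contract.Requires(!string.IsNullOrEmpty(clientId));

    // Read the clock once so that ExpiresUtc - IssuedUtc is exactly expiresInMinutes and the
    // record and the ticket carry identical timestamps.
    // NOTE(review): expiresInMinutes is not range-checked; zero or a negative value yields a
    // token that is already expired at issue time.
    var issuedUtc = DateTime.UtcNow;

    var token = new RefreshToken
    {
        // Only the hash of the identifier is kept on the record.
        Id = IdentityUtil.ComputeHash(refreshTokenId),
        ClientId = clientId,
        Subject = ticket.Identity.Name,
        IssuedUtc = issuedUtc,
        ExpiresUtc = issuedUtc.AddMinutes(expiresInMinutes)
    };

    // Keep the ticket's lifetime in step with the record's.
    var props = ticket.Properties;
    props.IssuedUtc = token.IssuedUtc;
    props.ExpiresUtc = token.ExpiresUtc;

    return token;
}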