Example #1
0
        public JwtValidationResult ValidateToken(string token, bool getOnlyNotExpiredToken = false)
        {
            JwtValidationResult result    = new JwtValidationResult();
            var tokenValidationParameters = new TokenValidationParameters
            {
                ValidateAudience         = true,
                ValidateIssuer           = true,
                ValidateIssuerSigningKey = true,
                ValidateLifetime         = getOnlyNotExpiredToken,
                IssuerSigningKey         = ((IJwtSigningDecodingKey)signingKeys).GetKey(),
                TokenDecryptionKey       = ((IJwtEncryptingDecodingKey)encryptingKeys).GetKey(),
                ValidAudience            = jwtOptions.Value.Audience,
                ValidIssuer = jwtOptions.Value.Issuer
            };
            var tokenHandler = new JwtSecurityTokenHandler();

            try
            {
                var principal = tokenHandler.ValidateToken(token, tokenValidationParameters, out SecurityToken securityToken);
                JwtSecurityToken jwtSecurityToken = securityToken as JwtSecurityToken;
                if (jwtSecurityToken != null &&
                    jwtSecurityToken.Header.Alg.Equals(encryptingKeys.SigningAlgorithm, StringComparison.InvariantCultureIgnoreCase))
                {
                    if (jwtSecurityToken.ValidTo < DateTime.Now)
                    {
                        result.IsTokenExpired = true;
                    }
                    result.SetSuccess(principal);
                }
                else
                {
                    result.SetFail(new SecurityTokenInvalidSigningKeyException());
                }
            }
            catch (Exception ex)
            {
                result.SetFail(ex);
            }
            return(result);
        }
Example #2
0
        public async Task <ServiceResult> RefreshToken(RefreshTokenViewModel model, string ip)
        {
            ServiceResult       result           = new ServiceResult();
            JwtValidationResult validationResult = ValidateToken(model.Token);

            if (validationResult.IsSuccessful && validationResult.IsTokenExpired)
            {
                Session session = await context.Sessions.FirstOrDefaultAsync(s => s.RefreshToken == model.RefreshToken && s.FingerPrint == model.Fingerprint);

                if (session != null)
                {
                    var tokens = CreateTokens(new Claim[]
                    {
                        validationResult.Principial.FindFirst("UserId"),
                        validationResult.Principial.FindFirst("UserEmail"),
                        validationResult.Principial.FindFirst("Fingerprint"),
                        validationResult.Principial.FindFirst("SessionId"),
                        new Claim("Ip", ip)
                    });
                    session.IpAddress    = ip;
                    session.RefreshToken = tokens.RefreshToken;
                    await context.SaveChangesAsync();

                    result.Data = JsonConvert.SerializeObject(tokens);
                    return(result);
                }
                else
                {
                    result.SetFail("Invalid refresh token");
                    logger.LogWarning("Token wasn't refresh. Invalid session");
                }
            }
            else
            {
                result.SetFail("Invalid token");
                logger.LogWarning("Token wasn't refresh. Invalid value or token is not expired: " + model.Token);
            }
            return(result);
        }