public void AddRefreshToken(RefreshTokenRecord token)
{
var existingToken = _refreshTokenRepository.Fetch(r => r.UserName == token.UserName).SingleOrDefault();
if (existingToken != null)
{
_refreshTokenRepository.Delete(existingToken);
}
_refreshTokenRepository.Create(token);
TriggerSignal();
}
private Task <bool> RemoveRefreshTokenAsync(RefreshTokenRecord refreshToken)
{
try
{
_repository.Delete(refreshToken);
return(Task.FromResult(true));
}
catch (Exception ex) {
Logger.Error(ex, "删除刷新令牌时发生错误");
return(Task.FromResult(false));
}
}
private async Task InitializeRecords()
{
var expiredToken = new RefreshTokenRecord
{
ExpiresOn = DateTimeOffset.UtcNow.AddDays(-1),
UserId = _testCommand.UserId
};
await _context.RefreshTokens.AddAsync(expiredToken);
await _context.SaveChangesAsync();
}
public async Task Handler_Removes_Active_Token_That_Is_Expired()
{
var token = new RefreshTokenRecord
{
ExpiresOn = DateTimeOffset.UtcNow.AddDays(1),
Token = _testCommand.ActiveTokenForExpiration,
UserId = _testCommand.UserId
};
await _context.RefreshTokens.AddAsync(token);
await InitializeRecords();
await _handler.Handle(_testCommand);
(await _context.RefreshTokens.AnyAsync(t => t.Token == _testCommand.ActiveTokenForExpiration)).Should().BeFalse();
}
public async Task Handler_Does_Not_Remove_Matching_Token_For_Other_User()
{
var token = new RefreshTokenRecord
{
ExpiresOn = DateTimeOffset.UtcNow.AddDays(1),
Token = _testCommand.ActiveTokenForExpiration,
UserId = Guid.NewGuid()
};
await _context.RefreshTokens.AddAsync(token);
await InitializeRecords();
await _handler.Handle(_testCommand);
(await _context.RefreshTokens.AnyAsync(t => t.Token == _testCommand.ActiveTokenForExpiration)).Should().BeTrue();
}
public string GenerateRefreshToken(AuthenticationTicket ticket, string userName, string accessToken)
{
var context = new AuthenticationTokenCreateContext(_owinContext, AuthMiddleware.AuthBearerAuthenticationOptions.AccessTokenFormat, ticket);
var token = new RefreshTokenRecord
{
Token = accessToken,
UserName = userName,
IssuedUtc = DateTime.UtcNow,
ExpiresUtc = DateTime.UtcNow.AddDays(1)
};
context.Ticket.Properties.IssuedUtc = DateTime.UtcNow;
context.Ticket.Properties.ExpiresUtc = DateTime.UtcNow.AddDays(1);
var refreshToken = context.SerializeTicket();
token.ProtectedTicket = refreshToken;
context.SetToken(refreshToken);
_refreshTokenService.AddRefreshToken(token);
return(refreshToken);
}
public async Task <object> SaveAsync(RefreshTokenRecord refreshToken)
{
try
{
var existingToken = _repository.Table
.Where(r => r.Subject == refreshToken.Subject && r.ClientId == refreshToken.ClientId)
.SingleOrDefault();
if (existingToken != null)
{
var delResult = await RemoveRefreshTokenAsync(existingToken);
}
var addResult = _repository.CreateRecord(refreshToken);
_repository.Flush();
return(addResult);
}
catch (Exception ex) {
Logger.Error(ex, "保存刷新令牌时发生错误");
return(Task.FromResult <object>(default(object)));
}
}
public RefreshTokenRequestHandlerTests()
{
_fixture = new Fixture();
_fixture.Behaviors.Add(new OmitOnRecursionBehavior());
_commandDispatcher = new Mock <ICommandDispatcher>();
_queryDispatcher = new Mock <IQueryDispatcher>();
_tokenService = new Mock <ITokenService>();
_testRequest = _fixture.Create <RefreshTokenRequest>();
_existingRefreshToken = _fixture
.Build <RefreshTokenRecord>()
.With(t => t.ExpiresOn, DateTimeOffset.UtcNow.AddDays(1))
.With(t => t.Token, _testRequest.RefreshToken)
.Create();
var user = _fixture
.Build <ApplicationUser>()
.With(u => u.RefreshTokens, new[] { _existingRefreshToken })
.Create();
_queryDispatcher
.Setup(x => x.Dispatch <UserGetByRefreshTokenQuery, Result <ApplicationUser> >(It.Is <UserGetByRefreshTokenQuery>(q => q != null)))
.ReturnsAsync(Result.Success(user));
_tokenService
.Setup(x => x.GenerateAccessToken(It.IsAny <ApplicationUser>()))
.Returns("token");
_tokenService
.Setup(x => x.GenerateRefreshToken(It.IsAny <ApplicationUser>()))
.Returns(_fixture.Create <RefreshTokenRecord>());
_handler = new RefreshTokenRequestHandler(_commandDispatcher.Object, _queryDispatcher.Object, _tokenService.Object);
}
public async Task CreateAsync(AuthenticationTokenCreateContext context)
{
var refreshTokenId = Guid.NewGuid().ToString("n");
var client = context.OwinContext.Get <AppClientRecord>("jytOAuth2:client");
if (client == null)
{
return;
}
var refreshToken = new RefreshTokenRecord()
{
TokenId = TokenHelper.BuildHashToken(refreshTokenId),
ClientId = client.ClientId,
Subject = context.Ticket.Identity.Name,
IssuedUtc = DateTime.UtcNow,
ExpiresUtc = DateTime.UtcNow.AddMinutes(Convert.ToDouble(client.RefreshTokenLifecycle))//刷新令牌过期时间
};
context.Ticket.Properties.IssuedUtc = refreshToken.IssuedUtc;
context.Ticket.Properties.ExpiresUtc = refreshToken.ExpiresUtc;
//这里不能随便移动,否则可能导致无法刷新令牌
refreshToken.ProtectedTicket = context.SerializeTicket();
//保存刷新令牌
var saveResult = (int)await _refreshTokenService.SaveAsync(refreshToken);
var isOK = saveResult > 0 ? true : false;
if (isOK)
{
context.SetToken(refreshTokenId);
}
}
public void RemoveRefreshToken(RefreshTokenRecord refreshToken)
{
_refreshTokenRepository.Delete(refreshToken);
TriggerSignal();
}
