/// <summary>
/// Grant a new access_token based on the current refresh_token. Here we couldvalidate whether the
/// refresh token is still valid or revoked.
/// </summary>
public override async Task GrantRefreshToken(GrantRefreshTokenContext context)
{
var originalClient = context.AuthenticationTicket.Properties.Items["client_id"];
if (originalClient != context.ClientId)
{
context.Rejected("invalid_clientId", "Refresh token is issued to a different clientId.");
return;
}
var properties = context.AuthenticationTicket.Properties;
var validator = new RefreshTokenValidator(context.Request.RefreshToken,
properties.Items["client_id"],
context.AuthenticationTicket.Principal.GetClaim(ClaimTypes.NameIdentifier));
var result = await ExecuteMessage(context, validator);
if (!result.Succeeded)
{
context.Rejected(OpenIdConnectConstants.Errors.InvalidRequest, "Could not validate refresh_token.");
return;
}
var principal = new ClaimsPrincipal(context.AuthenticationTicket.Principal);
var ticket = CreateAuthenticationTicket(principal, context.AuthenticationTicket.Properties, context.Options, context);
context.Validated(ticket);
}
public AuthenticationController(IUserRepository userRepository, IPasswordHasher passwordHasher, AccessTokenGenerator accessTokenGenerator, RefreshTokenGenerator refreshTokenGenerator, RefreshTokenValidator refreshTokenValidator, IRefreshTokenRepository refreshTokenRepository, Authenticator authenticator)
{
_userRepository = userRepository;
_passwordHasher = passwordHasher;
_refreshTokenValidator = refreshTokenValidator;
_refreshTokenRepository = refreshTokenRepository;
_authenticator = authenticator;
}
protected override void When(TestContext <IMessageDispatcher> context)
{
var refreshToken = Guid.NewGuid().ToString("n");
var clientId = Guid.NewGuid().ToString("n");
var userId = Guid.NewGuid().ToString("n");
var query = new RefreshTokenValidator(refreshToken, clientId, userId);
_result = context.Service.ExecuteNowWithTimeout(query);
}
public AuthenticationController(UserManager <User> userRepository,
Authenticator authenticator,
RefreshTokenValidator refreshTokenValidator,
IRefreshTokenRepository refreshTokenRepository)
{
_userRepository = userRepository;
_authenticator = authenticator;
_refreshTokenValidator = refreshTokenValidator;
_refreshTokenRepository = refreshTokenRepository;
}
public AuthenticationServiceForController(IAccountService accountService, IPasswordHasher passwordHasher,
Authenticator authenticator, RefreshTokenValidator refreshTokenValidator,
IRefreshTokenRepository refreshTokenRepository)
{
_accountService = accountService;
_passwordHasher = passwordHasher;
_authenticator = authenticator;
_refreshTokenValidator = refreshTokenValidator;
_refreshTokenRepository = refreshTokenRepository;
}
public void Validates_Token()
{
const string expenseAidToken = "eyJ1c2VybmFtZSI6IkVBQUFBS1V1M1ZQMmdKdGFURFFSME1FV01rOFVmZHV3YlBQbjkwcTIrdVp2RHdGZ2dHZ0dOQkJ3NlBlZ255bnRDRWxHMmc9PSIsInNlc3Npb25JZCI6IjQwOTk0IiwiZXhwIjoxNDc0MzU5MDk4LjU2NDgwNjd9.zZy_0Ms86E4prSRNG6O1CERzgeC1q30rkXMrTzt-EAI";
const string expenseAidSigningKey = "eWHWsyQ0mCXcm9H0PB1R3ilu4aToXlud2yR6JmD5";
var validator = new RefreshTokenValidator(
tokenSigner: new JwsTokenSigner(
signingKey: expenseAidSigningKey),
payloadDecoder: new PayloadDecoder());
var tokenResult = Token.Parse(expenseAidToken);
var result = validator.Validate(tokenResult.Value);
Assert.Null(result.FailureReason);
Assert.True(result.IsValid);
}
/// <summary>
/// Grant a new access_token based on the current refresh_token. Here we couldvalidate whether the
/// refresh token is still valid or revoked.
/// </summary>
public override async Task GrantRefreshToken(GrantRefreshTokenContext context)
{
var validator = new RefreshTokenValidator(
context.Ticket.GetTicketId(),
context.ClientId,
context.Ticket.Principal.GetClaim(ClaimTypes.NameIdentifier));
var result = await ExecuteMessage(context, validator);
if (!result.Succeeded)
{
context.Reject(OpenIdConnectConstants.Errors.InvalidRequest, "Could not validate refresh_token.");
return;
}
var principal = new ClaimsPrincipal(context.Ticket.Principal);
var ticket = CreateAuthenticationTicket(principal, context.Ticket.Properties, context.Options, context);
context.Validate(ticket);
}
protected override void When(TestContext <IMessageDispatcher> context)
{
var query = new RefreshTokenValidator(_refreshToken, _clientId, _userId);
_result = context.Service.ExecuteNowWithTimeout(query);
}
