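/// <summary>
/// Grants a new access_token for a presented refresh_token.
/// The grant is rejected unless the client redeeming the token is the client recorded on the
/// ticket ("client_id" item) and the <c>RefreshTokenValidator</c> message reports success.
/// </summary>
/// <param name="context">Grant context exposing the ticket, the requesting client id and the token request.</param>
public override async Task GrantRefreshToken(GrantRefreshTokenContext context)
{
    var properties = context.AuthenticationTicket.Properties;

    // A ticket that carries no "client_id" cannot be bound to any client. Reject it the same way
    // as a mismatch instead of letting the dictionary indexer throw and surface as a server error.
    string originalClient;
    if (!properties.Items.TryGetValue("client_id", out originalClient) || originalClient != context.ClientId)
    {
        context.Rejected("invalid_clientId", "Refresh token is issued to a different clientId.");
        return;
    }

    // The validator receives the raw refresh token, the client it was issued to and the subject.
    // NOTE(review): presumably its handler checks stored/revoked state for that triple - confirm.
    var validator = new RefreshTokenValidator(
        context.Request.RefreshToken,
        originalClient,
        context.AuthenticationTicket.Principal.GetClaim(ClaimTypes.NameIdentifier));

    var result = await ExecuteMessage(context, validator);
    if (!result.Succeeded)
    {
        // Deliberately generic description: the caller is not told why validation failed.
        context.Rejected(OpenIdConnectConstants.Errors.InvalidRequest, "Could not validate refresh_token.");
        return;
    }

    // Re-issue a ticket for the same principal and properties the refresh token carried.
    var principal = new ClaimsPrincipal(context.AuthenticationTicket.Principal);
    var ticket = CreateAuthenticationTicket(principal, properties, context.Options, context);
    context.Validated(ticket);
}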
/// <summary>
/// Wires up the controller's authentication collaborators.
/// </summary>
/// <remarks>
/// <paramref name="accessTokenGenerator"/> and <paramref name="refreshTokenGenerator"/> are accepted
/// but not stored by this constructor.
/// </remarks>
public AuthenticationController(
    IUserRepository userRepository,
    IPasswordHasher passwordHasher,
    AccessTokenGenerator accessTokenGenerator,
    RefreshTokenGenerator refreshTokenGenerator,
    RefreshTokenValidator refreshTokenValidator,
    IRefreshTokenRepository refreshTokenRepository,
    Authenticator authenticator)
{
    // Credential lookup and verification.
    _userRepository = userRepository;
    _passwordHasher = passwordHasher;
    _authenticator = authenticator;

    // Refresh-token validation and persistence.
    _refreshTokenValidator = refreshTokenValidator;
    _refreshTokenRepository = refreshTokenRepository;
}
/// <summary>
/// Runs a <c>RefreshTokenValidator</c> query built from three freshly generated identifiers
/// (refresh token, client id, user id) and stores the outcome in <c>_result</c>.
/// </summary>
protected override void When(TestContext<IMessageDispatcher> context)
{
    // Arguments are evaluated left to right: refresh token, then client id, then user id.
    // Each is a new GUID in "n" format (32 hex digits, no dashes).
    var validatorQuery = new RefreshTokenValidator(
        Guid.NewGuid().ToString("n"),
        Guid.NewGuid().ToString("n"),
        Guid.NewGuid().ToString("n"));

    _result = context.Service.ExecuteNowWithTimeout(validatorQuery);
}
/// <summary>
/// Wires up the controller with the user manager, the authenticator and the
/// refresh-token validator and repository.
/// </summary>
public AuthenticationController(
    UserManager<User> userRepository,
    Authenticator authenticator,
    RefreshTokenValidator refreshTokenValidator,
    IRefreshTokenRepository refreshTokenRepository)
{
    // Refresh-token validation and persistence.
    _refreshTokenRepository = refreshTokenRepository;
    _refreshTokenValidator = refreshTokenValidator;

    // User lookup and sign-in.
    _authenticator = authenticator;
    _userRepository = userRepository;
}
/// <summary>
/// Stores the account service, password hasher, authenticator and the refresh-token
/// validator and repository in the service's private fields.
/// </summary>
public AuthenticationServiceForController(
    IAccountService accountService,
    IPasswordHasher passwordHasher,
    Authenticator authenticator,
    RefreshTokenValidator refreshTokenValidator,
    IRefreshTokenRepository refreshTokenRepository)
{
    // Refresh-token validation and persistence.
    _refreshTokenRepository = refreshTokenRepository;
    _refreshTokenValidator = refreshTokenValidator;

    // Account lookup and credential verification.
    _authenticator = authenticator;
    _passwordHasher = passwordHasher;
    _accountService = accountService;
}
/// <summary>
/// Parses a fixed two-segment token (payload.signature), validates it with a
/// <c>RefreshTokenValidator</c> built on a <c>JwsTokenSigner</c> using a fixed signing key,
/// and expects no failure reason and a valid result.
/// </summary>
public void Validates_Token()
{
    // Fixture values embedded in source.
    // NOTE(review): confirm the signing key is test-only and was never used by a deployed service.
    // NOTE(review): the payload decodes to JSON whose "exp" is 1474359098.5648067 (September 2016).
    // If Validate compares expiry with the current time this assertion is time-dependent - confirm.
    const string signedToken = "eyJ1c2VybmFtZSI6IkVBQUFBS1V1M1ZQMmdKdGFURFFSME1FV01rOFVmZHV3YlBQbjkwcTIrdVp2RHdGZ2dHZ0dOQkJ3NlBlZ255bnRDRWxHMmc9PSIsInNlc3Npb25JZCI6IjQwOTk0IiwiZXhwIjoxNDc0MzU5MDk4LjU2NDgwNjd9.zZy_0Ms86E4prSRNG6O1CERzgeC1q30rkXMrTzt-EAI";
    const string fixtureSigningKey = "eWHWsyQ0mCXcm9H0PB1R3ilu4aToXlud2yR6JmD5";

    var signer = new JwsTokenSigner(signingKey: fixtureSigningKey);
    var sut = new RefreshTokenValidator(
        tokenSigner: signer,
        payloadDecoder: new PayloadDecoder());

    var parsed = Token.Parse(signedToken);
    var outcome = sut.Validate(parsed.Value);

    // The failure reason is checked first so a rejected token reports why it was rejected.
    Assert.Null(outcome.FailureReason);
    Assert.True(outcome.IsValid);
}
/// <summary>
/// Grants a new access_token for a presented refresh_token.
/// The grant succeeds only when the <c>RefreshTokenValidator</c> message, built from the
/// ticket id, the requesting client id and the subject's name identifier, reports success.
/// </summary>
/// <param name="context">Grant context exposing the ticket, the requesting client id and the options.</param>
public override async Task GrantRefreshToken(GrantRefreshTokenContext context)
{
    var presentedTicket = context.Ticket;
    var subjectId = presentedTicket.Principal.GetClaim(ClaimTypes.NameIdentifier);

    // The ticket id, not the raw token string, identifies the refresh token to the validator.
    // NOTE(review): this method does not itself compare the ticket's client with context.ClientId;
    // presumably the validator's handler enforces that binding - confirm.
    var validationQuery = new RefreshTokenValidator(presentedTicket.GetTicketId(), context.ClientId, subjectId);

    var outcome = await ExecuteMessage(context, validationQuery);
    if (outcome.Succeeded)
    {
        // Re-issue a ticket for the same principal and properties the refresh token carried.
        var identity = new ClaimsPrincipal(context.Ticket.Principal);
        var renewed = CreateAuthenticationTicket(identity, context.Ticket.Properties, context.Options, context);
        context.Validate(renewed);
        return;
    }

    // Deliberately generic description: the caller is not told why validation failed.
    context.Reject(OpenIdConnectConstants.Errors.InvalidRequest, "Could not validate refresh_token.");
}
/// <summary>
/// Dispatches a <c>RefreshTokenValidator</c> query built from the fixture's refresh token,
/// client id and user id fields and stores the outcome in <c>_result</c>.
/// </summary>
protected override void When(TestContext<IMessageDispatcher> context)
{
    _result = context.Service.ExecuteNowWithTimeout(
        new RefreshTokenValidator(_refreshToken, _clientId, _userId));
}