/// <summary> /// Refreshes an access token. /// </summary> /// <param name="refreshToken">The refresh token.</param> /// <returns>A token response.</returns> public async Task <RefreshTokenResult> RefreshTokenAsync(string refreshToken) { _logger.LogTrace("RefreshTokenAsync"); await EnsureConfigurationAsync(); var client = TokenClientFactory.Create(_options); var response = await client.RequestRefreshTokenAsync(refreshToken); if (response.IsError) { return(new RefreshTokenResult { Error = response.Error }); } // validate token response var validationResult = await _processor.ValidateTokenResponseAsync(response, null, requireIdentityToken : _options.Policy.RequireIdentityTokenOnRefreshTokenResponse); if (validationResult.IsError) { return(new RefreshTokenResult { Error = validationResult.Error }); } return(new RefreshTokenResult { IdentityToken = response.IdentityToken, AccessToken = response.AccessToken, RefreshToken = response.RefreshToken, ExpiresIn = (int)response.ExpiresIn }); }
/// <summary> /// Refreshes an access token. /// </summary> /// <param name="refreshToken">The refresh token.</param> /// <param name="extraParameters">The extra parameters.</param> /// <returns> /// A token response. /// </returns> public virtual async Task <RefreshTokenResult> RefreshTokenAsync(string refreshToken, object extraParameters = null) { _logger.LogTrace("RefreshTokenAsync"); await EnsureConfigurationAsync(); var client = TokenClientFactory.Create(_options); var response = await client.RequestRefreshTokenAsync(refreshToken, extra : extraParameters); if (response.IsError) { return(new RefreshTokenResult { Error = response.Error }); } // validate token response var validationResult = await _processor.ValidateTokenResponseAsync(response, null, requireIdentityToken : _options.Policy.RequireIdentityTokenOnRefreshTokenResponse); if (validationResult.IsError) { return(new RefreshTokenResult { Error = validationResult.Error }); } return(new RefreshTokenResult { IdentityToken = response.IdentityToken, AccessToken = response.AccessToken, RefreshToken = response.RefreshToken, ExpiresIn = (int)response.ExpiresIn, AccessTokenExpiration = DateTime.Now.AddSeconds(response.ExpiresIn) }); }
/// <summary> /// Refreshes an access token. /// </summary> /// <param name="refreshToken">The refresh token.</param> /// <returns>A token response.</returns> public async Task <RefreshTokenResult> RefreshTokenAsync(string refreshToken, Task <RsaSecurityKey> pregeneratedPopKeyTask = null) { if (string.IsNullOrEmpty(refreshToken)) { throw new ArgumentException("refreshToken"); } _logger.LogTrace("RefreshTokenAsync"); await EnsureConfigurationAsync().ConfigureAwait(false); var client = TokenClientFactory.Create(_options); TokenResponse response; SigningCredentials popSigner = null; if (_options.RequestPopTokens) { //-- PoP Key Creation _logger.LogTrace("CreateProviderForPopToken"); var popKey = await(pregeneratedPopKeyTask ?? PopTokenExtensions.CreateProviderForPopTokenAsync()).ConfigureAwait(false); var jwk = popKey.ToJwk(); response = await client.RequestRefreshTokenPopAsync(refreshToken, jwk.Alg, jwk.ToJwkString()).ConfigureAwait(false); popSigner = new SigningCredentials(popKey, "RS256"); } else { response = await client.RequestRefreshTokenAsync(refreshToken).ConfigureAwait(false); } if (response.IsError) { return(new RefreshTokenResult { Error = response.Error }); } // validate token response var validationResult = await _processor.ValidateTokenResponseAsync(response, null, requireIdentityToken : _options.Policy.RequireIdentityTokenOnRefreshTokenResponse).ConfigureAwait(false); if (validationResult.IsError) { return(new RefreshTokenResult { Error = validationResult.Error }); } return(new RefreshTokenResult { IdentityToken = response.IdentityToken, AccessToken = response.AccessToken, RefreshToken = response.RefreshToken, ExpiresIn = (int)response.ExpiresIn, PopTokenKey = popSigner }); }
/// <summary> /// Refreshes an access token. /// </summary> /// <param name="refreshToken">The refresh token.</param> /// <param name="backChannelParameters">Back-channel parameters</param> /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// A token response. /// </returns> public virtual async Task <RefreshTokenResult> RefreshTokenAsync( string refreshToken, Parameters backChannelParameters = null, CancellationToken cancellationToken = default) { _logger.LogTrace("RefreshTokenAsync"); await EnsureConfigurationAsync(cancellationToken); backChannelParameters = backChannelParameters ?? new Parameters(); var client = Options.CreateClient(); var response = await client.RequestRefreshTokenAsync(new RefreshTokenRequest { Address = Options.ProviderInformation.TokenEndpoint, ClientId = Options.ClientId, ClientSecret = Options.ClientSecret, ClientAssertion = Options.ClientAssertion, ClientCredentialStyle = Options.TokenClientCredentialStyle, RefreshToken = refreshToken, Parameters = backChannelParameters }, cancellationToken).ConfigureAwait(false); if (response.IsError) { return(new RefreshTokenResult { Error = response.Error, ErrorDescription = response.ErrorDescription, }); } // validate token response var validationResult = await _processor.ValidateTokenResponseAsync(response, null, requireIdentityToken : Options.Policy.RequireIdentityTokenOnRefreshTokenResponse, cancellationToken : cancellationToken); if (validationResult.IsError) { return(new RefreshTokenResult { Error = validationResult.Error }); } return(new RefreshTokenResult { IdentityToken = response.IdentityToken, AccessToken = response.AccessToken, RefreshToken = response.RefreshToken, ExpiresIn = response.ExpiresIn, AccessTokenExpiration = DateTimeOffset.Now.AddSeconds(response.ExpiresIn) }); }