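/// <summary>
        /// Refreshes an access token by expiring the existing authorization's tokens and creating a new AppAuthorization entry.
        /// TODO: allow expiration dates (the initializer below sets no expiration on the new entry).
        /// </summary>
        /// <param name="appAuth">The existing authorization whose tokens are being replaced.</param>
        /// <returns>The newly created authorization holding the fresh access and refresh tokens.</returns>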
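        public static AppAuthorization AccessTokenRefresh(AppAuthorization appAuth)
        {
            // Fail with a clear argument error instead of a NullReferenceException
            // raised from inside the query below.
            if (appAuth == null)
            {
                throw new ArgumentNullException("appAuth");
            }

            // One timestamp for the whole rotation, so the old entry's expiry and the
            // new entry's creation time are the same instant.
            DateTime rotatedAtUtc = DateTime.UtcNow;

            using (AuthorizationDataContext oauthDataCtxt = new AuthorizationDataContext(System.Configuration.ConfigurationManager.ConnectionStrings["OAuthDb"].ConnectionString))
            {
                // Expire the authorization that is being refreshed. First() throws
                // InvalidOperationException when no entry has this Id.
                // NOTE(review): nothing here re-checks that the stored entry is still
                // unexpired; this method relies on the caller having validated the
                // refresh token. Confirm whether two concurrent refreshes of the same
                // token need to be serialized so that only one new pair is issued.
                var oldAppAuth = oauthDataCtxt.AppAuthorizations.First(a => a.Id == appAuth.Id);
                oldAppAuth.AuthTokenExpiration    = rotatedAtUtc;
                oldAppAuth.RefreshTokenExpiration = rotatedAtUtc;

                // Issue the replacement authorization for the same app, user and scope.
                // NOTE(review): no AuthTokenExpiration / RefreshTokenExpiration is set
                // here (see the TODO on this method), so unless a default is applied
                // elsewhere the new tokens carry no expiry.
                // NOTE(review): token strength depends entirely on GenerateToken(),
                // which is not visible here; confirm it uses a cryptographic RNG.
                var newAppAuth = new AppAuthorization()
                {
                    AppId        = appAuth.AppId,
                    UserId       = appAuth.UserId,
                    Scope        = appAuth.Scope,
                    AuthToken    = GenerateToken(),
                    RefreshToken = GenerateToken(),
                    Created      = rotatedAtUtc
                };

                oauthDataCtxt.AppAuthorizations.InsertOnSubmit(newAppAuth);

                // The expiry update and the insert are both sent by this single call.
                oauthDataCtxt.SubmitChanges();

                return newAppAuth;
            }
        }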
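        /// <summary>
        /// The OAuth 2.0 token endpoint. Only the refresh grant is implemented; every other grant type gets an OAuthException error message.
        /// </summary>
        /// <param name="tokenRequest">The token request carrying grant_type, app_id and app_secret.</param>
        /// <returns>The response to the Client, serialized as a JSON string.</returns>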
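        public string Post(AccessTokenRequest tokenRequest)
        {
            // A missing request object cannot name a grant type, so answer with the
            // same error an unknown grant_type gets instead of failing with a
            // NullReferenceException.
            if (tokenRequest == null)
            {
                return Newtonsoft.Json.JsonConvert.SerializeObject(new ErrorMessage()
                {
                    Type = "OAuthException", Message = "not a valid grant_type"
                });
            }

            // only 'refresh' is implemented
            if (tokenRequest.grant_type == GRANT_REFRESH)
            {
                // NOTE(review): the refresh token is read from the URL query string,
                // while app_id / app_secret come from the bound request object. Values
                // in URLs commonly end up in server and proxy logs; consider accepting
                // the refresh token in the request body instead.
                string refreshToken = this.Request.RequestUri.ParseQueryString()["refresh_token"];

                // Reject an absent or empty token before it reaches the lookup. How
                // ValidateRefreshToken treats null is not visible here, and a null
                // comparison must never be able to match a stored entry.
                AppAuthorization appAuth = null;
                if (!string.IsNullOrEmpty(refreshToken))
                {
                    appAuth = OAuthTokenUtility.ValidateRefreshToken(tokenRequest.app_id, tokenRequest.app_secret, refreshToken);
                }

                if (appAuth == null)
                {
                    // invalid request: one message for every failure cause, so the
                    // response does not reveal which credential was wrong
                    return Newtonsoft.Json.JsonConvert.SerializeObject(new ErrorMessage()
                    {
                        Type = "OAuthException", Message = "could not grant refreshed access token. please check your client id, client secret, and refresh token id (did it expire?)"
                    });
                }

                // Rotate: the old authorization is expired and a new token pair is issued.
                AppAuthorization newAppAuth = OAuthTokenUtility.AccessTokenRefresh(appAuth);

                // NOTE(review): this response carries live credentials; confirm the
                // hosting pipeline marks it as non-cacheable.
                return Newtonsoft.Json.JsonConvert.SerializeObject(new AccessTokenMessage()
                {
                    access_token = newAppAuth.AuthToken,
                    refresh_token = newAppAuth.RefreshToken,
                    token_type = "bearer",
                    expiration_utc = newAppAuth.AuthTokenExpiration,
                    scope = newAppAuth.Scope
                });
            }

            if (tokenRequest.grant_type == GRANT_ACCESS)
            {
                // Exchanging a short lived auth code for a token is not supported by
                // this server, so the "code" parameter is deliberately not read.
                return Newtonsoft.Json.JsonConvert.SerializeObject(new ErrorMessage()
                {
                    Type = "OAuthException", Message = "new access tokens not granted by this server"
                });
            }

            // Any other grant_type value is rejected.
            return Newtonsoft.Json.JsonConvert.SerializeObject(new ErrorMessage()
            {
                Type = "OAuthException", Message = "not a valid grant_type"
            });
        }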
        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
        {
            // The developer exception page renders exception details in the response,
            // so it is enabled only when the environment is Development.
            // NOTE(review): no exception handler or HSTS middleware is registered for
            // the non-development case in this method; confirm that is intended.
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }

            // Redirect plain HTTP requests to HTTPS before routing.
            app.UseHttpsRedirection();

            app.UseRouting();

            // NOTE(review): authorization middleware is registered here, but no
            // UseAuthentication() call is visible in this method; confirm how the
            // request identity is established before authorization runs.
            app.UseAuthorization();

            app.UseEndpoints(endpoints =>
            {
                endpoints.MapControllers();
            });

            // Called once while the pipeline is being configured, not per request.
            // What Execute does with the configuration is not visible here.
            AppAuthorization.Execute(Configuration);
        }
        // Custom User Identity / Principal
        protected void Application_OnAuthenticateRequest(object sender, EventArgs e)
        {
            // Look up the application's own session ticket for this request.
            var session = AppAuthorization.GetSession();

            // Only a request that carries a session ticket gets the custom principal;
            // otherwise the current user is left exactly as it was.
            if (session != null)
            {
                // Build the principal from the ticket. The authenticated flag is
                // copied from the ticket as-is, so whatever GetSession() accepts as a
                // valid session decides who is treated as signed in.
                var principal = new FoundationPrincipal();
                var identity = new FoundationIdentity();
                identity.Name = session.UserId;
                identity.IsAuthenticated = session.IsAuthenticated;
                principal.Identity = identity;

                // Publish the principal as the user of the current request.
                HttpContext.Current.User = principal;
            }
        }