public async Task <TokenResponse> RefreshTokenAsync(string token, string refreshToken)
{
var validatedToken = CheckRole.getPrincipalFromToken(token, _configuration);
if (validatedToken == null)
{
return(null);
}
var expiryDateUnix = long.Parse(validatedToken.Claims.Single(x => x.Type == JwtRegisteredClaimNames.Exp).Value);
var expiryDateTimeUtc = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc).AddSeconds(expiryDateUnix);
if (expiryDateTimeUtc > DateTime.UtcNow)
{
return(null);
}
var jti = validatedToken.Claims.Single(x => x.Type == JwtRegisteredClaimNames.Jti).Value;
var storedRefreshToken = await _tokenDb.findTokenAsync(token);
if (storedRefreshToken == null || DateTime.UtcNow > storedRefreshToken.Expires || storedRefreshToken.Invalidated ||
storedRefreshToken.Used || storedRefreshToken.JwtId != jti)
{
return(null);
}
storedRefreshToken.Used = true;
bool result = await _tokenDb.updateTokenAsync(storedRefreshToken);
if (!result)
{
return(null);
}
User currentUser = await getUserByIdAsync(validatedToken.Claims.Single(x => x.Type == "id").Value);
if (currentUser == null)
{
return(null);
}
else
{
return(await LoginAsync(currentUser.EmailAddress, currentUser.Password));
}
}
public IActionResult CurrentUserId()
{
var authorization = Request.Headers[HeaderNames.Authorization];
if (AuthenticationHeaderValue.TryParse(authorization, out var headerValue))
{
var token = headerValue.Parameter;
var validatedToken = CheckRole.getPrincipalFromToken(token, _configuration);
string userId = validatedToken.Claims.Single(x => x.Type == "id").Value;
if (userId != null)
{
return(Ok(new Response <string>(userId)));
}
}
return(BadRequest("Cannot get the id of the current user"));
}
