Exemple #1
0
        public async Task <ActionResult> RefreshAsync(RefreshRequest refreshRequest, ModelStateDictionary modelState)
        {
            if (!modelState.IsValid)
            {
                return(BadRequestModelState(modelState));
            }

            bool isValidRefreshToken = _refreshTokenValidator.Validate(refreshRequest.RefreshToken);

            if (!isValidRefreshToken)
            {
                return(new BadRequestObjectResult(new ErrorResponse("Invalid refresh token.")));
            }

            RefreshToken refreshTokenDTO = await _refreshTokenRepository.GetByTokenAsync(refreshRequest.RefreshToken);

            if (refreshTokenDTO == null)
            {
                return(new NotFoundObjectResult(new ErrorResponse("Invalid refresh token.")));
            }

            await _refreshTokenRepository.DeleteAsync(refreshTokenDTO.Id);

            Account account = await _accountService.GetAsync(refreshTokenDTO.AccountId);

            if (account == null)
            {
                return(new NotFoundObjectResult(new ErrorResponse("Account not found.")));
            }

            AuthenticatedAccountResponse response = await _authenticator.AuthenticateAsync(account);

            return(new OkObjectResult(response));
        }
        public async Task <RefreshTokenAccountResponseViewModel> RefreshToken(RefreshTokenAccountRequestViewModel refreshTokenAccountRequestViewModel)
        {
            RefreshToken currentRefreshToken = await _refreshTokenRepository.GetByTokenAsync(refreshTokenAccountRequestViewModel.RefreshToken);

            if (currentRefreshToken == null)
            {
                throw new IdentityException("Refresh token is not valid.");
            }

            if (currentRefreshToken.ExpiresUtc < DateTime.Now.ToUniversalTime())
            {
                throw new IdentityException("Refresh token has expired.");
            }

            Token token = await GetToken(currentRefreshToken.AccountId, currentRefreshToken.Account.Email);

            var refreshTokenAccountResponseViewModel = new RefreshTokenAccountResponseViewModel
            {
                AccessToken  = token.AccessToken,
                RefreshToken = token.RefreshToken,
                AccessTokenExpirationDate  = token.AccessTokenExpirationDate,
                RefreshTokenExpirationDate = token.RefreshTokenExpirationDate,
                AccountId = token.Id
            };

            return(refreshTokenAccountResponseViewModel);
        }
Exemple #3
0
        public async Task <AuthenticationResult> RefreshTokenAsync(string token, string refreshToken)
        {
            var validatedToken = GetClaimsPrincipalFromToken(token);

            if (validatedToken == null)
            {
                return(new AuthenticationResult
                {
                    ErrorMessages = new List <string> {
                        "Invalid token"
                    }
                });
            }

            var expiryDateUnix =
                long.Parse(validatedToken.Claims.Single(x => x.Type == JwtRegisteredClaimNames.Exp).Value);
            var expiryDateTimeUtc = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc).AddSeconds(expiryDateUnix);

            if (expiryDateTimeUtc > DateTime.UtcNow)
            {
                return(new AuthenticationResult
                {
                    ErrorMessages = new List <string> {
                        "This token hasn't expired yet"
                    }
                });
            }

            var jti = validatedToken.Claims.Single(x => x.Type == JwtRegisteredClaimNames.Jti).Value;
            var storeRefreshToken = await _refreshTokenRepository.GetByTokenAsync(refreshToken);

            if (storeRefreshToken == null)
            {
                return(new AuthenticationResult
                {
                    ErrorMessages = new List <string> {
                        "This refresh token does not exist"
                    }
                });
            }

            if (DateTime.UtcNow > storeRefreshToken.ExpiredOnUtc)
            {
                return(new AuthenticationResult
                {
                    ErrorMessages = new List <string> {
                        "This refresh token has expired"
                    }
                });
            }

            if (storeRefreshToken.Invalidated)
            {
                return(new AuthenticationResult
                {
                    ErrorMessages = new List <string> {
                        "This refresh token has been invalidated"
                    }
                });
            }

            if (storeRefreshToken.JwtId != jti)
            {
                return(new AuthenticationResult
                {
                    ErrorMessages = new List <string> {
                        "This refresh token does not match JWT"
                    }
                });
            }

            storeRefreshToken.Used = true;
            await _refreshTokenRepository.UpdateAsync(storeRefreshToken);

            await _unitOfWork.SaveChangesAsync();

            var user = await _userManager.FindByIdAsync((validatedToken.Claims.Single(x => x.Type == "id").Value));

            return(await GenerateAuthenticationResultForUserAsync(user));
        }