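/// <summary>
/// Exchanges a cached refresh token for a new encoded token and rotates the refresh token.
/// </summary>
/// <param name="request">Carries the presented refresh token and the user id it is claimed for.</param>
/// <returns>
/// 400 with a <c>refreshtoken_failure</c> model error when the token is missing, is not in the
/// cache, or is cached for a different user; otherwise 200 with the token built by the JWT factory.
/// </returns>
public async Task<IActionResult> RefreshToken(RefreshTokenOptions request)
{
    // A missing body or token is rejected as an invalid token instead of letting the
    // cache lookup throw on a null key and surface as a server error.
    if (request?.RefreshToken is null
        || !_cache.TryGetValue(request.RefreshToken, out string userId))
    {
        ModelState.AddModelError("refreshtoken_failure", "Invalid refreshtoken.");
        return BadRequest(ModelState);
    }

    // object.Equals is null-safe, so a request without a user id fails the check rather
    // than throwing; a null cached user id is never accepted as a match.
    // NOTE(review): this failure uses a different message from the one above, which tells a
    // caller that the presented token exists in the cache; consider one generic message.
    if (userId is null || !object.Equals(request.UserId, userId))
    {
        ModelState.AddModelError("refreshtoken_failure", "Invalid userName.");
        return BadRequest(ModelState);
    }

    // Consume the presented token before the first await so it cannot be presented again
    // while the user lookup is in flight. Lookup and removal are still two separate cache
    // calls, so this narrows the reuse window rather than closing it.
    _cache.Remove(request.RefreshToken);

    var loginModel = new LoginViewModel { LoginUserId = userId };
    var userInfo = await _userService.GetUserInfo(loginModel);
    var claimsIdentity = _jwtFactory.GenerateClaimsIdentity(userInfo);

    // NOTE(review): the refresh token is a bearer credential, and Guid.NewGuid() is not
    // documented as a cryptographic generator; consider drawing it from
    // System.Security.Cryptography.RandomNumberGenerator. Left unchanged here because the
    // token format may be relied on by code outside this method.
    string newRefreshToken = Guid.NewGuid().ToString();

    // The replacement token maps to the user id and expires from the cache after 11 minutes.
    _cache.Set(newRefreshToken, userInfo.UserId, TimeSpan.FromMinutes(11));

    var token = await _jwtFactory.GenerateEncodeToken(userInfo.UserId, newRefreshToken, claimsIdentity);
    return new OkObjectResult(token);
}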
/// <summary>
/// Builds the service from its injected collaborators and keeps the refresh-token options
/// that the monitor reports at construction time.
/// </summary>
/// <param name="customerManager">Customer manager stored for later use.</param>
/// <param name="optionsMonitor">Monitor whose current value is read once, here.</param>
/// <param name="repository">Refresh-token repository stored for later use.</param>
public RefreshTokenService(
    ICustomerManager customerManager,
    IOptionsMonitor<RefreshTokenOptions> optionsMonitor,
    IRepository<RefreshToken> repository)
{
    // CurrentValue is read a single time; this instance keeps that value in its field.
    var currentOptions = optionsMonitor.CurrentValue;

    this.options = currentOptions;
    (this.customerManager, this.repository) = (customerManager, repository);
}
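/// <summary>
/// Creates the controller, reading the <c>SessionSetEnabled</c> flag from configuration and
/// keeping the injected refresh-token options.
/// </summary>
/// <param name="configuration">Application configuration; supplies <c>SessionSetEnabled</c>.</param>
/// <param name="refreshTokenOptions">Refresh-token options stored on the controller.</param>
/// <exception cref="ArgumentNullException">
/// Thrown when <paramref name="configuration"/> or <paramref name="refreshTokenOptions"/> is null.
/// </exception>
public AccountController(IConfiguration configuration, RefreshTokenOptions refreshTokenOptions)
{
    // Both dependencies are validated the same way, before anything is read from them.
    if (configuration == null)
    {
        throw new ArgumentNullException(nameof(configuration));
    }

    _refreshTokenOptions = refreshTokenOptions ?? throw new ArgumentNullException(nameof(refreshTokenOptions));
    this.SessionSetEnabled = configuration.GetValue<bool>("SessionSetEnabled");
}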
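// This method gets called by the runtime. Use this method to add services to the container.
/// <summary>
/// Registers MVC, telemetry, Redis-backed data protection and session state, authentication and
/// authorization, and the integration clients with the service container.
/// </summary>
/// <param name="services">The service collection being populated.</param>
/// <exception cref="InvalidOperationException">
/// Thrown when the <c>redisServerUrl</c> configuration value is missing or empty.
/// </exception>
public void ConfigureServices(IServiceCollection services)
{
    var mvcBuilder = services.AddControllersWithViews()
        .AddSessionStateTempDataProvider()
        .AddMvcLocalization()
        .AddDataAnnotationsLocalization();

#if DEBUG
    if (_env.IsDevelopment())
    {
        mvcBuilder.AddRazorRuntimeCompilation();
    }
#endif

    var enableAdaptiveSampling = _configuration.GetValue<bool>("EnableAdaptiveSampling");
    if (!enableAdaptiveSampling)
    {
        var aiOptions = new ApplicationInsightsServiceOptions
        {
            EnableAdaptiveSampling = false,
            InstrumentationKey = _configuration.GetValue<string>("APPINSIGHTS_INSTRUMENTATIONKEY")
        };
        services.AddApplicationInsightsTelemetry(aiOptions);
    }

    // Fail at startup with a message naming the missing key (never its value, which may
    // embed credentials) instead of an opaque error from the Redis client.
    var redisConnectionString = _configuration["redisServerUrl"];
    if (string.IsNullOrWhiteSpace(redisConnectionString))
    {
        throw new InvalidOperationException("Configuration value 'redisServerUrl' is missing or empty.");
    }

    var redis = ConnectionMultiplexer.Connect(redisConnectionString);

    // NOTE(review): no key-encryption call (ProtectKeysWith...) is chained here, so unless one
    // is configured elsewhere the key ring is written to Redis unencrypted; restrict access to
    // that Redis instance or add encryption at rest for the keys.
    services.AddDataProtection()
        .PersistKeysToStackExchangeRedis(redis, "BSS-Portal-DataProtection-Keys");

    services.AddSession(options =>
    {
        options.IdleTimeout = TimeSpan.FromMinutes(60);
        options.Cookie.HttpOnly = true;
        options.Cookie.IsEssential = true;
        // NOTE(review): Cookie.SecurePolicy is not set here; confirm the session cookie is
        // marked Secure in production, for example through a cookie policy set elsewhere.
    });

    services.AddStackExchangeRedisCache(options =>
    {
        options.Configuration = redisConnectionString;
        options.InstanceName = "BSS-Portal-Session-";
    });

    // The Experian token is a secret read from configuration and captured by the inspector
    // factory further down.
    var experianToken = _configuration["ExperianToken"];
    var integrationApiUrl = _configuration.GetValue<string>("IntegrationAPIUrl");
    var openIdAuthenticationConfigurationSection = _configuration.GetSection("Authentication");

    var countryList = new CountryList();
    _configuration.Bind("CountryList", countryList);
    services.AddSingleton(countryList);

    // Refresh-token options are bound from the same "Authentication" section as the
    // authentication options below and shared as a singleton.
    var refreshTokenOptions = new RefreshTokenOptions();
    openIdAuthenticationConfigurationSection.Bind(refreshTokenOptions);
    services.AddSingleton(refreshTokenOptions);

    services.AddAuthorization(opt =>
    {
        opt.ConfigureAuthorizationPolicies();
    });

    var authenticationLifetimeFromHours = _configuration.GetValue<int>("AuthenticationLifetimeFromHours");
    services.ConfigureAuthentication(opt =>
    {
        openIdAuthenticationConfigurationSection.Bind(opt);
    }, authenticationLifetimeFromHours);

    services.AddScoped<IAuthorizationHandler, OrganisationAuthorizationHandler>();
    services.AddSingleton<CookieEvents>((serviceProvider) =>
    {
        var accessTokenExpirationThresholdMinutes = _configuration.GetValue<int>("AccessTokenExpirationThresholdMinutes");
        var accessTokenExpirationThreshold = TimeSpan.FromMinutes(accessTokenExpirationThresholdMinutes);
        return new CookieEvents(accessTokenExpirationThreshold);
    });

    services.AddScoped<BannerService>();

    // API Integration
    services.AddHttpContextAccessor();
    services.AddScoped<IRestClientFactory, RestClientFactory>();
    services.AddScoped<IApiClient, ApiClient>(x => new OrganisationApiClient(
        x.GetRequiredService<IRestClientFactory>(),
        integrationApiUrl,
        x.GetRequiredService<IHttpContextAccessor>(),
        x.GetRequiredService<ILogger<OrganisationApiClient>>()));
    services.AddScoped<IIntegrationGateway, IntegrationGateway>();
    services.AddScoped<ICreditorServiceGateway, CreditorServiceGateway>();

    // Experian Integration
    services.AddScoped<IClientMessageInspector, TokenInjectionInspector>(x => new TokenInjectionInspector(experianToken));
    services.AddScoped<IEndpointBehavior, AuthTokenInjectorBehavior>(x => new AuthTokenInjectorBehavior(x.GetServices<IClientMessageInspector>().ToArray()));
    services.AddScoped<IQAPortTypeClient, QAPortTypeClient>(x => new QAPortTypeClient(x.GetRequiredService<IEndpointBehavior>()));
    services.AddScoped<IAddressLookupClient, AddressLookupClient>();
    services.AddScoped<IAddressLookupGateway, AddressLookupGateway>();
    //services.AddScoped<IAddressLookupGateway, MockAddressLookupGateway>();

    // NOTE(review): when adaptive sampling is disabled, Application Insights has already been
    // registered above with explicit options; confirm this second registration is intended.
    services.AddApplicationInsightsTelemetry(_configuration["APPINSIGHTS_INSTRUMENTATIONKEY"]);
    services.AddHealthChecks();
}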