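/// <summary>
/// Looks up a presented refresh token and, when it is known, restores the
/// authentication ticket that was stored with it. The stored token is removed
/// in the same step, so each refresh token can be redeemed only once.
/// </summary>
/// <param name="context">OWIN context carrying the raw refresh token in <c>context.Token</c>.</param>
/// <returns>A task that completes when the lookup (and removal) has finished.</returns>
public async Task ReceiveAsync(AuthenticationTokenReceiveContext context)
{
    // Echo the allowed origin stored for this client; falls back to a wildcard
    // when nothing was put into the OWIN environment for it.
    var allowedOrigin = context.OwinContext.Get<string>("as:clientAllowedOrigin") ?? "*";
    context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });

    // Only the hash of the token is persisted, so the lookup key is the hash too.
    var hashedTokenId = Utilities.GetHash(context.Token);

    using (IApplicationRepository rep = new ApplicationRepository())
    {
        var refreshToken = await rep.RefreshTokens.FindAsync(hashedTokenId);
        if (refreshToken != null)
        {
            // Restore the ticket serialized when the token was issued.
            // NOTE(review): no expiry check happens here; presumably the restored
            // ticket's ExpiresUtc is enforced by the OWIN middleware — confirm.
            context.DeserializeTicket(refreshToken.ProtectedTicket);

            // One-time use: drop the stored token. The repository's result flag
            // was never inspected by the original code either, so it is discarded.
            await rep.RefreshTokens.RemoveAsync(hashedTokenId);
        }
    }

    // The original wrapped this body in `catch (Exception e) { throw e; }`, which
    // only reset the stack trace. Letting exceptions propagate unchanged is
    // equivalent and preserves the real failure site.
}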
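/// <summary>
/// Validates resource owner (user name / password) credentials for the OAuth
/// password grant. On success every stored refresh token that has expired, or
/// that belongs to this user, is removed, and a new "JWT" identity ticket is
/// issued with the client id recorded as its audience.
/// </summary>
/// <param name="context">The OWIN grant context holding the submitted user name, password and client id.</param>
/// <returns>A task that completes once the context has been validated or an error has been set on it.</returns>
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    // Allowing cross domain resources for external logins.
    var allowedOrigin = context.OwinContext.Get<string>("as:clientAllowedOrigin") ?? "*";
    context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });

    // Search user by username and password.
    var userManager = context.OwinContext.GetUserManager<ApplicationUserManager>();
    var user = await userManager.FindAsync(context.UserName, context.Password);
    if (user == null)
    {
        context.SetError("invalid_grant", "The user name or password is incorrect.");
        return;
    }

    using (IApplicationRepository repo = new ApplicationRepository())
    {
        // One cutoff instant for the whole sweep; the original re-read
        // DateTime.UtcNow inside the predicate for every token.
        var now = DateTime.UtcNow;

        // NOTE(review): GetAllAsync pulls every stored token into memory before
        // filtering; a repository-side filter would scale better if the table grows.
        var allTokens = await repo.RefreshTokens.GetAllAsync();

        // Materialize first so the source is not mutated while being enumerated.
        // string.Equals(a, b, Ordinal) matches the original instance Equals
        // (which is ordinal) but does not throw when Subject is null.
        var staleTokens = allTokens
            .Where(x => x.ExpiresUtc < now
                     || string.Equals(x.Subject, user.UserName, StringComparison.Ordinal))
            .ToList();

        foreach (var token in staleTokens)
        {
            await repo.RefreshTokens.RemoveAsync(token);
        }
    }

    var clientId = context.OwinContext.Get<string>("as:clientId");
    var identity = await user.GenerateUserIdentityAsync(userManager, "JWT", clientId);

    // The audience travels in the ticket properties so the token provider can
    // read it back when it creates the refresh token.
    var props = new AuthenticationProperties(new Dictionary<string, string>
    {
        { "audience", context.ClientId }
    });
    var ticket = new AuthenticationTicket(identity, props);
    context.Validated(ticket);
}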
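/// <summary>
/// Issues a new refresh token for the freshly validated ticket, unless the OWIN
/// environment entry named by <c>IS_REFREHTOKEN_EXPIRED_NAME</c> is present and
/// false (an absent or true entry means "issue a new one"). Only a hash of the
/// token is persisted; the raw value is handed to the client exactly once via
/// <c>context.SetToken</c>.
/// </summary>
/// <param name="context">Token creation context carrying the authentication ticket and OWIN environment.</param>
/// <returns>A task that completes once the token has been stored or the step was skipped.</returns>
public async Task CreateAsync(AuthenticationTokenCreateContext context)
{
    // Single dictionary lookup with the same semantics as the original
    // ContainsKey + indexer pair (a present non-bool value still fails the cast).
    object expiredFlag;
    var issueNewToken = !context.OwinContext.Environment.TryGetValue(IS_REFREHTOKEN_EXPIRED_NAME, out expiredFlag)
                        || (bool)expiredFlag;
    if (!issueNewToken)
    {
        return;
    }

    // NOTE(review): Guid.NewGuid() is not documented as a cryptographic RNG. For an
    // opaque bearer credential, material from System.Security.Cryptography.RandomNumberGenerator
    // would be the conservative choice; the existing format is kept here for compatibility.
    var refreshTokenId = Guid.NewGuid().ToString("n");
    var clientId = context.Ticket.Properties.Dictionary["audience"];

    // Lifetime in days, configured per client; 30 days when nothing is set.
    var refreshTokenLifetime = context.OwinContext.Get<string>("as:clientRefreshTokenLifeTime") ?? "30";
    // Invariant culture so a locale with "," as decimal separator cannot break parsing.
    var lifetimeDays = double.Parse(refreshTokenLifetime, System.Globalization.CultureInfo.InvariantCulture);

    // One timestamp for both fields so IssuedUtc and ExpiresUtc line up exactly.
    var issuedUtc = DateTime.UtcNow;
    var token = new RefreshToken()
    {
        Id = Utilities.GetHash(refreshTokenId),
        ClientId = clientId,
        Subject = context.Ticket.Identity.Name,
        IssuedUtc = issuedUtc,
        ExpiresUtc = issuedUtc.AddDays(lifetimeDays)
    };

    // The ticket's validity window mirrors the refresh token's, and the ticket is
    // serialized into the stored record so ReceiveAsync can restore it later.
    context.Ticket.Properties.IssuedUtc = token.IssuedUtc;
    context.Ticket.Properties.ExpiresUtc = token.ExpiresUtc;
    token.ProtectedTicket = context.SerializeTicket();

    bool stored;
    using (IApplicationRepository rep = new ApplicationRepository())
    {
        stored = await rep.RefreshTokens.AddAsync(token);
    }

    // Only hand the raw token to the client when its hash was actually persisted;
    // otherwise the client would hold a credential the server cannot redeem.
    if (stored)
    {
        context.SetToken(refreshTokenId);
    }
}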