/// <summary>
/// Stores a refresh token, first removing the token already held for the same
/// subject and client, if there is one.
/// </summary>
/// <param name="token">Token to persist; its Subject and ClientId select the token to replace.</param>
/// <returns><c>true</c> when the final save reported at least one affected row.</returns>
/// <remarks>
/// NOTE(review): the previous token is removed (and saved) before the new one is added,
/// so the replacement is two separate saves rather than one atomic change. If the second
/// save fails, the subject is left without a stored refresh token.
/// NOTE(review): SingleOrDefault throws when more than one row matches the subject and
/// client pair; a unique constraint on that pair would keep this path safe. Confirm the schema.
/// </remarks>
public async Task<bool> AddRefreshTokenAsync(AuthRefreshToken token)
{
    var previous = Context.RefreshTokens
        .SingleOrDefault(r => r.Subject == token.Subject && r.ClientId == token.ClientId);

    if (previous != null)
    {
        // The outcome of the removal is not inspected; only the final save decides the result.
        await RemoveRefreshTokenAsync(previous);
    }

    Context.RefreshTokens.Add(token);
    var rowsAffected = await Context.SaveChangesAsync();

    // A failed save is reported only through the return value; nothing is logged here.
    return rowsAffected > 0;
}
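/// <summary>
/// Handles a username/password token request: checks the client, the client secret and
/// the user's password, then stores a new refresh token and returns a JWT.
/// </summary>
/// <param name="model">Request fields: client_id, client_secret, username and password.</param>
/// <returns>
/// An Ok result carrying the JWT, or a bad-request result naming the field that failed.
/// </returns>
private async Task<IActionResult> GenerateToken(GenerateJwtViewModel model)
{
    var client = await _authClientRepo.GetAsync(model.client_id);
    if (client == null)
    {
        return BadRequestWithErrors("invalid_client", "client_id");
    }

    // Clients whose ApplicationType is JavaScript skip the secret check.
    // NOTE(review): the stored secret is compared directly with the submitted one, using an
    // ordinary string comparison. Store only a hash of the secret and compare in fixed time.
    if (client.ApplicationType != ApplicationType.JavaScript && client.Secret != model.client_secret)
    {
        return BadRequestWithErrors("invalid_secret", "client_secret");
    }

    var user = await _userMgr.FindByNameAsync(model.username);
    if (user == null)
    {
        // NOTE(review): this error differs from the wrong-password error below, so responses
        // reveal whether a username exists. Consider one shared error for both cases.
        return BadRequestWithErrors("user_not_found!", "username");
    }

    // A password must be present AND must verify against the stored hash. The previous
    // condition was `user != null && IsNullOrEmpty(password) || Verify(...) == Success`;
    // because && binds tighter than ||, a request with an empty password passed the check
    // for any existing user without the hash ever being verified.
    // NOTE(review): only PasswordVerificationResult.Success is accepted, as before; a
    // SuccessRehashNeeded result is still rejected. Confirm that is intended.
    var passwordAccepted =
        !string.IsNullOrEmpty(model.password)
        && _hasher.VerifyHashedPassword(user, user.PasswordHash, model.password) == PasswordVerificationResult.Success;
    if (!passwordAccepted)
    {
        return BadRequestWithErrors("wrong_password!", "password");
    }

    // NOTE(review): Guid.NewGuid() is not documented as a cryptographic random source;
    // RandomNumberGenerator is the usual choice for bearer secrets. The key is handed to
    // AuthRefreshToken as-is. Whether it is hashed before storage is not visible here.
    var refreshTokenKey = Guid.NewGuid().ToString("n");
    var refreshToken = new AuthRefreshToken(
        model.client_id,
        model.username,
        refreshTokenKey,
        DateTime.UtcNow.AddMinutes(client.RefreshTokenLifeTime));

    if (!_authRefreshTokenRepo.AddToken(refreshToken))
    {
        return BadRequestWithErrors("can_not_add_token_to_database");
    }

    return Ok(await GetJwt(model.client_id, client.RefreshTokenLifeTime, refreshTokenKey, user));
}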
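/// <summary>
/// Creates a refresh token for the ticket in <paramref name="context"/>, stores it through
/// IAuthDataAccess and, when the store succeeds, hands the raw token id back to the caller.
/// </summary>
/// <param name="context">Token-creation context carrying the ticket and the OWIN environment.</param>
/// <remarks>
/// No refresh token is issued when the ticket has no "as:client_id" property or when the
/// store reports failure. Only the value returned by CryptoHelper.Hash is stored as the
/// token Id; the unhashed id goes to the client through SetToken.
/// </remarks>
public async Task CreateAsync(AuthenticationTokenCreateContext context)
{
    // TryGetValue instead of the indexer: a ticket without the property now takes the same
    // "no refresh token" path as an empty value, rather than throwing KeyNotFoundException.
    string clientid;
    if (!context.Ticket.Properties.Dictionary.TryGetValue("as:client_id", out clientid)
        || string.IsNullOrEmpty(clientid))
    {
        return;
    }

    // NOTE(review): Guid.NewGuid() is not documented as a cryptographic random source;
    // RandomNumberGenerator is the usual choice for bearer secrets.
    var refreshTokenId = Guid.NewGuid().ToString("n");

    using (IAuthDataAccess repo = CC.IoC.Resolve<IAuthDataAccess>())
    {
        var refreshTokenLifeTime = context.OwinContext.Get<string>("as:clientRefreshTokenLifeTime");

        // One timestamp for both fields, so the lifetime is exactly the configured minutes.
        // NOTE(review): Convert.ToDouble parses with the current culture and returns 0 for a
        // null string, which would yield a token that is already expired. Confirm the value
        // is always set upstream.
        var issuedUtc = DateTime.UtcNow;
        var token = new AuthRefreshToken()
        {
            Id = CryptoHelper.Hash(refreshTokenId),
            ClientId = clientid,
            Subject = context.Ticket.Identity.Name,
            IssuedUtc = issuedUtc,
            ExpiresUtc = issuedUtc.AddMinutes(Convert.ToDouble(refreshTokenLifeTime))
        };

        // The ticket's validity window must match the stored token before it is serialized.
        context.Ticket.Properties.IssuedUtc = token.IssuedUtc;
        context.Ticket.Properties.ExpiresUtc = token.ExpiresUtc;
        token.ProtectedTicket = context.SerializeTicket();

        var stored = await repo.AddRefreshTokenAsync(token);
        if (stored)
        {
            context.SetToken(refreshTokenId);
        }
    }
}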
/// <summary>
/// Saves the current state of an existing refresh token.
/// </summary>
/// <param name="token">Token entity to pass to AuthRefreshTokens.Update.</param>
/// <returns><c>true</c> when the save reported at least one affected row.</returns>
/// <remarks>
/// This method changes no field on the token itself. Presumably the caller sets the expiry
/// before calling; verify against callers.
/// </remarks>
public bool ExpireToken(AuthRefreshToken token)
{
    _context.AuthRefreshTokens.Update(token);
    var rowsAffected = _context.SaveChanges();
    return rowsAffected > 0;
}
/// <summary>
/// Inserts a refresh token and saves the change synchronously.
/// </summary>
/// <param name="token">Token entity to add to AuthRefreshTokens.</param>
/// <returns><c>true</c> when the save reported at least one affected row.</returns>
public bool AddToken(AuthRefreshToken token)
{
    _context.AuthRefreshTokens.Add(token);
    var rowsAffected = _context.SaveChanges();
    return rowsAffected > 0;
}
/// <summary>
/// Deletes a stored refresh token and saves the change.
/// </summary>
/// <param name="refreshToken">Token entity to remove from RefreshTokens.</param>
/// <returns><c>true</c> when the save reported at least one affected row.</returns>
public async Task<bool> RemoveRefreshTokenAsync(AuthRefreshToken refreshToken)
{
    Context.RefreshTokens.Remove(refreshToken);
    var rowsAffected = await Context.SaveChangesAsync();
    return rowsAffected > 0;
}