public async Task <IActionResult> Login([FromBody] LoginRequest loginRequest)
{
if (!ModelState.IsValid)
{
return(BadRequestState());
}
User user = await _userRepository.GetByUsername(loginRequest.Username);
if (user == null)
{
return(Unauthorized());
}
bool isCorrectPassword = _passwordHasher.VerifyPassword(loginRequest.Password, user.PasswordHash);
if (!isCorrectPassword)
{
return(Unauthorized());
}
AuthenticatedUserResponse response = await _authenticator.Authenticate(user);
return(Ok(response));
}
public async Task <bool> RefreshToken()
{
try
{
using (var client = new HttpClient(new NativeMessageHandler()))
{
var url = String.Format(AppSettings.MicrosoftAuthEndpoint, AppSettings.MicrosoftTenant);
var content = new FormUrlEncodedContent(new Dictionary <string, string>
{
{ "grant_type", "refresh_token" },
{ "client_id", AppSettings.MicrosoftApiClientId },
{ "resource", AppSettings.MicrosoftResource },
{ "refresh_token", AppSettings.AuthenticatedUserResponse.RefreshToken }
});
var response = await client.PostAsync(url, content);
var json = await response.Content.ReadAsStringAsync();
if (response.IsSuccessStatusCode)
{
var tokenResponse = JsonConvert.DeserializeObject <AuthenticatedRefreshTokenResponse>(json);
AppSettings.AuthenticatedUserResponse = AuthenticatedUserResponse.Mapper(AppSettings.AuthenticatedUserResponse, tokenResponse);
await _cacheEntity.InsertObjectAsync(AppSettings.IdAppCache, true, DateTimeOffset.Now.AddSeconds(Double.Parse(AppSettings.AuthenticatedUserResponse.ExpiresIn)));
}
return(response.IsSuccessStatusCode);
}
}
catch (Exception ex)
{
System.Diagnostics.Debug.WriteLine($"Error with refresh Token authentication: {ex}");
return(false);
}
}
public async Task <IActionResult> Refresh([FromBody] RefreshRequest refreshRequest)
{
if (!ModelState.IsValid)
{
return(BadRequestState());
}
bool isValidRefreshToken = _refreshTokenValidator.Validate(refreshRequest.RefreshToken);
if (!isValidRefreshToken)
{
return(BadRequest(new ErrorResponse("Invalid refresh token")));
}
RefreshToken refreshTokenDTO = await _refreshTokenRepository.GetByToken(refreshRequest.RefreshToken);
if (refreshTokenDTO == null)
{
return(NotFound(new ErrorResponse("Invalid refresh token")));
}
_refreshTokenRepository.Delete(refreshTokenDTO.Id);
User user = await _userRepository.GetById(refreshTokenDTO.UserId);
if (user == null)
{
return(NotFound(new ErrorResponse("User not found")));
}
AuthenticatedUserResponse response = await _authenticator.Authenticate(user);
return(Ok(response));
}
public async Task <IActionResult> Login([FromBody] LoginRequest loginRequest)
{
if (!ModelState.IsValid)
{
return(BadRequestModelState());
}
User user = await _userRepository.FindByNameAsync(loginRequest.Username);
if (user == null)
{
return(Unauthorized());
}
bool isCorrectPassword = await _userRepository.CheckPasswordAsync(user, loginRequest.Password);
if (!isCorrectPassword)
{
return(Unauthorized());
}
AuthenticatedUserResponse response = await _authenticator.Authenticate(user);
return(Ok(response));
}
private async Task RefreshAccessToken()
{
AuthenticatedUserResponse authenticatedUserResponse = await _refreshService.Refresh(new RefreshRequest
{
RefreshToken = _tokenStore.RefreshToken
});
_tokenStore.AccessToken = authenticatedUserResponse.AccessToken;
_tokenStore.AccessTokenExpirationTime = authenticatedUserResponse.AccessTokenExpirationTime;
_tokenStore.RefreshToken = authenticatedUserResponse.RefreshToken;
}
public static AuthenticatedUserResponse WithoutPassword(this User user)
{
var newUser = new AuthenticatedUserResponse();
newUser.Id = user.Id;
newUser.FirstName = user.FirstName;
newUser.LastName = user.LastName;
newUser.Email = user.Email;
newUser.Token = user.Token;
return(newUser);
}
static async Task Main(string[] args)
{
string authenticationBaseUrl = "http://*****:*****@gmail.com",
Username = "******",
Password = "******",
ConfirmPassword = "******"
});
}
catch (ApiException ex)
{
ErrorResponse errorResponse = await ex.GetContentAsAsync <ErrorResponse>();
Console.WriteLine(errorResponse.ErrorMessages.FirstOrDefault());
}
AuthenticatedUserResponse loginResponse = await loginService.Login(new LoginRequest()
{
Username = "******",
Password = "******",
});
tokenStore.AccessToken = loginResponse.AccessToken;
tokenStore.AccessTokenExpirationTime = loginResponse.AccessTokenExpirationTime;
tokenStore.RefreshToken = loginResponse.RefreshToken;
DataResponse dataResponse = await dataService.GetData();
Console.ReadKey();
}
public async Task <AuthenticatedUserResponse> GetUser()
{
_logger.LogInformation("GetUser called");
var accessToken = await HttpContext.GetTokenAsync("access_token");
AuthenticatedUserResponse authenticatedUserModel = new AuthenticatedUserResponse
{
Name = User.Identity.Name,
Email = User.Claims.FirstOrDefault(claim => claim.Type == Constants.EmailClaimType)?.Value,
Roles = User.Claims.FirstOrDefault(claim => claim.Type == Constants.RoleClaimType)?.Value?.Split(','),
EmployeeNumber = User.Claims.FirstOrDefault(claim => claim.Type == Constants.UpnClaimType)?.Value?.Split('@')[0],
StatusCode = StatusCodes.Status200OK
};
return(authenticatedUserModel);
}
public async Task <AuthenticatedUserResponse> Get()
{
var user = await _authenticatedUser.GetUserAsync();
return(await AuthenticatedUserResponse.CreateFromUserAsync(user));
}
