private async Task <IdentityResult> EnsureRole(
ICustomRoleManager roleManager,
ICustomUserManager userManager,
string uid, string role)
{
IdentityResult IR = null;
if (roleManager == null)
{
throw new Exception("roleManager null");
}
if (!await roleManager.RoleExistsAsync(role))//ensure that current role doesn't exists and create it
{
IR = await roleManager.CreateAsync(new CustomRole(role));
}
var user = await userManager.FindByIdAsync(uid);
if (user == null)
{
throw new Exception("User does not exists!");
}
if (!await userManager.IsInRoleAsync(user, role))
{
IR = await userManager.AddToRoleAsync(user, role);
}
return(IR);
}
public async Task <AuthenticationResult> RefreshTokenAsync(string token, string refreshToken)
{
var validatedToken = GetPrincipalFromToken(token);
if (validatedToken == null)
{
return(new AuthenticationResult {
Errors = new[] { "Invalid Token" }
});
}
var expiryDateUnix =
long.Parse(validatedToken.Claims.Single(x => x.Type == JwtRegisteredClaimNames.Exp).Value);
var expiryDateTimeUtc = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)
.AddSeconds(expiryDateUnix);
if (expiryDateTimeUtc > DateTime.UtcNow)
{
return(new AuthenticationResult {
Errors = new[] { "This token hasn't expired yet" }
});
}
var jti = validatedToken.Claims.Single(x => x.Type == JwtRegisteredClaimNames.Jti).Value;
var storedRefreshToken = await _context.RefreshTokens.SingleOrDefaultAsync(x => x.Token == refreshToken);
if (storedRefreshToken == null)
{
return(new AuthenticationResult {
Errors = new[] { "This refresh token does not exist" }
});
}
if (DateTime.UtcNow > storedRefreshToken.ExpiryDate)
{
return(new AuthenticationResult {
Errors = new[] { "This refresh token has expired" }
});
}
if (storedRefreshToken.Invalidated)
{
return(new AuthenticationResult {
Errors = new[] { "This refresh token has been invalidated" }
});
}
if (storedRefreshToken.Used)
{
return(new AuthenticationResult {
Errors = new[] { "This refresh token has been used" }
});
}
if (storedRefreshToken.JwtId != jti)
{
return(new AuthenticationResult {
Errors = new[] { "This refresh token does not match this JWT" }
});
}
storedRefreshToken.Used = true;
_context.RefreshTokens.Update(storedRefreshToken);
await _context.SaveChangesAsync();
var user = await _userManager.FindByIdAsync(validatedToken.Claims.Single(x => x.Type == "id").Value);
return(await GenerateAuthenticationResultForUserAsync(user));
}
