/// <summary>
/// Exchanges a previously issued JWT for a fresh one when it still maps to a known user.
/// </summary>
/// <param name="accessToken">The token presented by the caller; its <c>access_token</c> value is validated and compared with the token stored for the user.</param>
/// <returns>
/// An <see cref="ApplicationUser"/> built from a newly issued token and the user's GitHub login on success;
/// otherwise an empty <see cref="ApplicationUser"/>, after the current identity has been reset.
/// </returns>
public async Task<IApplicationUser> RefreshJWTToken(IJWTAccessToken accessToken)
{
    try
    {
        var presentedToken = accessToken.access_token;

        // ValidateTokenClaimsPrincipal is defined elsewhere; presumably it checks signature and lifetime — confirm.
        var principal = ValidateTokenClaimsPrincipal(presentedToken);
        var userId = GetClaimFromPrincipal<int>(principal, ClaimTypes.NameIdentifier);

        if (userId != default)
        {
            var account = await _context.Users.FindAsync(userId);

            // The presented token must be the one stored for this user, so a token that
            // has since been replaced on the user record is not accepted for refresh.
            // NOTE(review): this is an ordinary == comparison on a bearer token.
            var tokenIsCurrent = account != null
                && account.ID > 0
                && account.JWT == presentedToken;

            // TODO: the stored GitHub token is only checked for presence here; it is not re-validated with github.com.
            if (tokenIsCurrent && !string.IsNullOrEmpty(account.GitHubToken))
            {
                var reissued = IssueJWTToken(account, account.GitHubToken);
                return new ApplicationUser(reissued, account.GitHubLogin);
            }
        }
    }
    catch (Exception)
    {
        // Any failure (including a null accessToken) is treated as "cannot refresh" and falls through.
        // NOTE(review): nothing is logged here, so rejected or malformed refresh attempts leave no trace.
    }

    // Refresh failed: clear whatever identity is currently set and hand back an empty user.
    _identity.SetIdentity();
    return new ApplicationUser();
}
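/// <summary>
/// Resets the identity state held in the current HTTP context and, when a token is supplied, establishes a new one.
/// </summary>
/// <remarks>
/// The JWT cookie, the authenticated session flag and the GitHub access token in session are always cleared first.
/// Calling this with no arguments therefore signs the caller out. Does nothing when no HTTP context is available.
/// </remarks>
/// <param name="accessToken">Token to store in the JWT cookie; when null only the clearing step runs.</param>
/// <param name="claims">Claims for the new principal; ignored when <paramref name="accessToken"/> is null.</param>
/// <param name="gitHubAccessToken">GitHub token to keep in session; ignored when <paramref name="accessToken"/> is null.</param>
public void SetIdentity(IJWTAccessToken accessToken = null, Claim[] claims = null, IAccessToken gitHubAccessToken = null)
{
    var httpContext = _httpContextAccessor?.HttpContext;
    if (httpContext == null)
    {
        return;
    }

    // Always drop the previous identity first so a failed sign-in cannot leave stale state behind.
    httpContext.Response.Cookies.Delete(IdentityConstants.JWT_ACCESS_TOKEN_COOKIE_KEY);
    httpContext.Session.Remove(IdentityConstants.AUTHENTICATED_SESSION_KEY);
    httpContext.Session.Remove(IdentityConstants.GITHUB_ACCESS_TOKEN);

    if (accessToken == null)
    {
        return;
    }

    // Add or replace the token cookie.
    // NOTE(review): Convert.ToDateTime parses with the current culture if expires_at is a string — confirm its type/format.
    httpContext.Response.Cookies.Append(
        IdentityConstants.JWT_ACCESS_TOKEN_COOKIE_KEY,
        JsonSerializer.Serialize(accessToken),
        new CookieOptions
        {
            HttpOnly = true,
            // Mark the bearer-token cookie Secure whenever the request arrived over HTTPS so the
            // browser never sends it over plain HTTP. Plain-HTTP requests behave as before.
            // NOTE(review): behind a TLS-terminating proxy IsHttps is only true when forwarded
            // headers are processed; SameSite is left at the framework/cookie-policy default.
            Secure = httpContext.Request.IsHttps,
            Expires = Convert.ToDateTime(accessToken.expires_at)
        });

    // Reset the authenticated flag (Session.Set with a bool is presumably a project extension — defined elsewhere).
    httpContext.Session.Set(IdentityConstants.AUTHENTICATED_SESSION_KEY, true);

    if (claims != null)
    {
        // NOTE(review): a ClaimsIdentity created without an authentication type reports
        // IsAuthenticated == false; confirm nothing downstream relies on that property.
        var identity = new ClaimsIdentity(claims);
        var principal = new ClaimsPrincipal(identity);
        httpContext.User = principal;
        Thread.CurrentPrincipal = principal;
    }

    if (gitHubAccessToken != null)
    {
        // Keep the user's GitHub access token in session for later calls.
        httpContext.Session.Set(IdentityConstants.GITHUB_ACCESS_TOKEN, gitHubAccessToken);
    }
}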