Esempio n. 1
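        /// <summary>
        /// Issues a refresh token for the ticket in <paramref name="context"/>, persists a
        /// record of it through <c>IRefreshTokenService</c>, and hands the raw token value
        /// back to the caller via <c>context.SetToken</c>.
        /// </summary>
        /// <remarks>
        /// The value given to the client (<c>tokenBody</c>) is never stored as-is: the
        /// persisted <c>Token</c> field holds <c>PasswordHelper.CreateShaHash(tokenBody)</c>,
        /// so the stored record alone is not the bearer value. The token's unpredictability
        /// comes from 32 bytes drawn from the platform CSPRNG rather than from
        /// <c>Guid.NewGuid()</c>, which is documented as an identifier generator and not as
        /// a source of cryptographic randomness.
        /// </remarks>
        /// <param name="context">Token-creation context carrying the authentication ticket.</param>
        /// <returns>An already-completed task; all work is done synchronously.</returns>
        private Task CreateRefreshTokenAsync(AuthenticationTokenCreateContext context)
        {
            // Lifetime is fixed here; the same value bounds both the stored record and the ticket.
            var refreshTokenLifeTimeMinutes = 3;

            // A refresh token is a bearer secret, so its entropy must come from a CSPRNG.
            var randomBytes = new byte[32];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(randomBytes);
            }

            var tokenBody = PasswordHelper.CreateShaHash(context.Ticket.Identity.Name + Convert.ToBase64String(randomBytes));

            // Throws if the ticket has no "UserId" property or its value is not a GUID string.
            var userId = new Guid(context.Ticket.Properties.Dictionary["UserId"]);

            var issuedTokenUtc = DateTime.UtcNow;
            var refreshToken   = new RefreshToken
            {
                UserId     = userId,
                // Store only a hash of the value the client receives.
                Token      = PasswordHelper.CreateShaHash(tokenBody),
                IssuedUtc  = issuedTokenUtc,
                ExpiresUtc = issuedTokenUtc.AddMinutes(refreshTokenLifeTimeMinutes)
            };

            // The ticket's validity window is overwritten to match the refresh token record
            // before serialization, so the serialized ticket carries the same expiry.
            context.Ticket.Properties.IssuedUtc  = refreshToken.IssuedUtc;
            context.Ticket.Properties.ExpiresUtc = refreshToken.ExpiresUtc;
            refreshToken.ProtectedTicket         = context.SerializeTicket();

            var refreshTokenService = NinjectWebCommon.Bootstrapper.Kernel.Get<IRefreshTokenService>();

            // Persist first, then release the raw value to the client.
            refreshTokenService.Add(refreshToken);
            context.SetToken(tokenBody);

            return Task.FromResult<object>(null);
        }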
Esempio n. 2
        /// <summary>
        /// Redeems a refresh token presented by a client: hashes the presented value, looks
        /// the hash up through <c>IRefreshTokenService</c>, and on a match restores the
        /// stored ticket into <paramref name="context"/> and deletes the record.
        /// </summary>
        /// <remarks>
        /// A matched record is deleted as part of redemption, so the same record is not
        /// found by a later lookup. When no record matches, the context is left untouched.
        /// NOTE(review): the lookup and the delete are separate calls; whether two
        /// concurrent requests with the same token can both succeed depends on the service
        /// implementation, which is not visible here — confirm.
        /// NOTE(review): this method does not compare the record's expiry with the current
        /// time; rejection of an expired token presumably relies on the expiry carried in
        /// the deserialized ticket being enforced downstream — confirm.
        /// </remarks>
        /// <param name="context">Token-receive context holding the presented token value.</param>
        /// <returns>An already-completed task; all work is done synchronously.</returns>
        private Task ReceiveRefreshTokenAsync(AuthenticationTokenReceiveContext context)
        {
            Task completed = Task.FromResult<object>(null);

            // Records are looked up by the hash of the presented value, not the value itself.
            var presentedHash = PasswordHelper.CreateShaHash(context.Token);
            var tokenStore    = NinjectWebCommon.Bootstrapper.Kernel.Get<IRefreshTokenService>();
            var storedToken   = tokenStore.GetByToken(presentedHash);

            if (storedToken == null)
            {
                // Unknown token: no ticket is set on the context.
                return completed;
            }

            context.DeserializeTicket(storedToken.ProtectedTicket);

            // Remove the record once it has been redeemed.
            tokenStore.Delete(storedToken);

            return completed;
        }