public async Task it_should_add_a_refresh_token(DatabaseEngine engine) { // Arrange await using var container = new DatabaseTestContainerBuilder().Build(engine); var configuration = new ConfigurationBuilder().For(container).Build(engine); var manager = new DatabaseManagerBuilder().With(configuration).Build(engine); var runner = new MigratorRunnerBuilder().With(configuration).Build(engine); var sut = new UserRepositoryBuilder().With(configuration).Build(engine); await container.StartAsync(); await manager.EnsureDatabaseCreated(); runner.MigrateUp(); const string username = "******"; var user = new UserBuilder().WithUserName(username).Build(); await sut.CreateAsync(user); // Act var persistedUser = await sut.FindByNameAsync(username); await sut.AssignRefreshToken("some_token", persistedUser !); // Assert var result = await sut.FindByNameAsync(username); result !.RefreshTokens.Should().ContainSingle("some_token"); }
private RefreshTokens BuildRefreshToken(string userId, string clientAppId, string grantType, string authenToSystem, string authorizationCode) { var obj = new RefreshTokens(); obj.Id = Guid.NewGuid(); obj.AppAudienceId = clientAppId; obj.IssuedDateTime = DateTimes.GetCurrentUtcDateTimeInThaiTimeZone(DateTimes.DateTimeFormat.YearMonthDayByDashTHourMinuteSecondByColonZ, DateTimes.LanguageCultureName.ENGLISH_UNITED_STATES, DateTimes.DateTimeUtcOffset.HHMMByColon); var RefreshTokenExpiryDateTime = DateTime.UtcNow.AddSeconds(Convert.ToDouble(_config["Jwt:RefreshTokenExpires"])); obj.ExpiryDateTime = DateTimes.ConvertToUtcDateTimeInThaiTimeZone(RefreshTokenExpiryDateTime, DateTimes.DateTimeFormat.YearMonthDayByDashTHourMinuteSecondByColonZ, DateTimes.LanguageCultureName.ENGLISH_UNITED_STATES, DateTimes.DateTimeUtcOffset.HHMMByColon); obj.GrantType = grantType; if (grantType == GRANT_TYPE_PASSWORD) { obj.ResourceOwnerId = userId; obj.AuthenToSystem = authenToSystem; } if (grantType == GRANT_TYPE_AUTHORIZATION_CODE) { obj.AuthorizationCode = authorizationCode; } var key = Encoding.UTF8.GetBytes(obj.AppAudienceId); var message = Encoding.UTF8.GetBytes(obj.Id.ToString("N")); obj.RefreshToken = ReplaceInvalidCharacterForJwt(Convert.ToBase64String(HashingByHMACSHA256(message, key))); obj.Status = true; // Write Generated RefreshToken to AuthDB (For future checking) var authRefreshToken = _authObj.PutRefreshTokens(obj); return(obj); }
/// <summary> /// Метод добавляет токен в БД /// </summary> /// <param name="token"></param> /// <returns>Возвращает true, если токен добавлен успешно в БД</returns> public async Task <bool> AddToken(RefreshTokens token) { try { // Сперва ищем токен в БД по айди юзера var searchedtoken = await DbUsers.db.RefreshTokens.FirstOrDefaultAsync(i => i.IdUser == token.IdUser && i.IsActive == true); // Если токен найден, то необходимо обновить состояние токена на false, а также создать новый if (searchedtoken != null) { searchedtoken.IsActive = false; } // Далее добавляем новый токен, а так-же сохраняем БД await DbUsers.db.RefreshTokens.AddAsync(token); await DbUsers.db.SaveChangesAsync(); return(true); // True, т.к. токен добавлен в БД } catch (Exception) { return(false); // false, т.к. невозможно добавить токен в БД } }
public async Task <Jwt> SignIn(string email, string password) { var user = await _db.Users.SingleOrDefaultAsync(u => u.Email == email); if (user == null) { throw new Exception("Wrong email"); } var comparisonResult = _passwordHasher.VerifyHashedPassword(user, user.Password, password); if (comparisonResult == PasswordVerificationResult.Failed) { throw new Exception("Wrong password"); } var jwt = _jwtHandler.Create(user); var refreshToken = new RefreshTokens { Token = _passwordHasher.HashPassword(user, Guid.NewGuid().ToString()).Replace("+", string.Empty).Replace("=", string.Empty).Replace("/", string.Empty), UserId = user.UserId, Revoked = false, TimeCreated = DateTime.UtcNow }; _db.RefreshTokens.Add(refreshToken); await _db.SaveChangesAsync(); jwt.RefreshToken = refreshToken.Token; return(jwt); }
public async Task <TokenDto> SignIn(SignInDto signInDto) { var user = await userRepository.FindByLoginAsync(signInDto.Email); TokenDto tokenDto = new TokenDto(); if (user == null || user.StatusOfVerification == "Processing" || user.StatusOfVerification == "Blocked") { tokenDto.Code = 401; return(tokenDto); } if (signInDto.Email != user.Email || !VerifyPassword(signInDto.Password, user.HashPassword, user.Salt)) { tokenDto.Code = 401; return(tokenDto); } //Return two tokens Access, Refresh tokenDto.Name = user.FirstName; tokenDto.Code = 200; tokenDto.AccessToken = token.GenerateToken(user); tokenDto.RefreshToken = token.RefreshGenerateToken(); //Save To database Refresh token RefreshTokens refreshToken = new RefreshTokens(tokenDto.RefreshToken, user.Id, true); refreshRepository.Create(refreshToken); await refreshRepository.SaveChangesAsync(); return(tokenDto); }
public void RemoveRefreshToken(string refreshToken) { var token = RefreshTokens.SingleOrDefault(t => t.Token == refreshToken); if (token != null) { RefreshTokens.Remove(token); } }
public async Task <UserDto> Handle(CurrentUserCommand request, CancellationToken cancellationToken) { var token = AppContext.Current.Request.Headers[HeaderNames.Authorization].ToString().Replace("Bearer ", ""); var refreshToken = AppContext.Current.Request.Cookies[Constants.RefreshToken]; var principal = _jwtGenerator.GetPrincipalFromExpiredToken(token); var username = principal.Claims.FirstOrDefault(x => x.Type == ClaimTypes.NameIdentifier)?.Value; var user = await _context.Users .Where(x => x.UserName == username) .Include(x => x.RefreshTokens) .SingleOrDefaultAsync(x => x.RefreshTokens.Any(y => y.Token == refreshToken), cancellationToken); if (user == null) { ThrowUnauthorized(); } var oldToken = user !.RefreshTokens.SingleOrDefault(x => x.Token == refreshToken); if (oldToken != null && !oldToken.IsActive) { ThrowUnauthorized(); } if (oldToken != null) { oldToken.Revoked = DateTime.UtcNow; } var newRefreshToken = _jwtGenerator.GenerateRefreshToken(user); await _context.RefreshTokens.AddAsync(newRefreshToken, cancellationToken); var revokedTokens = user.RefreshTokens.Where(x => x.IsExpired); _context.RefreshTokens.RemoveRange(revokedTokens); var success = await _context.SaveChangesAsync(cancellationToken) > 0; if (success) { _cookieService.SetTokenCookie(newRefreshToken.Token); return(new UserDto { UserName = user.UserName, Token = _jwtGenerator.GenerateAccessToken(user), RefreshToken = newRefreshToken.Token }); } throw new Exception(Constants.ServerSavingError); }
public async Task <IActionResult> Refresh_Token(CancellationToken cancellationToken) { var command = new RefreshTokens { RefreshToken = _cookieFactory.GetRefreshTokenFromCookie(this) }; var token = await _mediator.Send(command, cancellationToken); _cookieFactory.SetResponseRefreshTokenCookie(this, token.RefreshToken); return(Accepted(token)); }
public async Task <bool> RemoveRefreshToken(string refreshToken) { var refreshTokenModel = await RefreshTokens.SingleAsync(i => i.Token == refreshToken); if (refreshToken != null) { RefreshTokens.Remove(refreshTokenModel); return(await SaveChangesAsync() > 0); } return(false); }
public void InsertNew(RefreshToken token) { var tokenModel = RefreshTokens.SingleOrDefault(i => i.UserId == token.UserId); if (tokenModel != null) { RefreshTokens.Remove(tokenModel); SaveChanges(); } RefreshTokens.Add(token); SaveChanges(); }
/// <summary> /// Save Refresh token to database /// </summary> /// <param name="id"></param> /// <param name="refreshtoken"></param> /// <param name="isvalid"></param> /// <returns>return model TokenDto</returns> public async Task <TokenDto> SaveRefreshTokenAsync(int id, string refreshtoken, bool isvalid) { RefreshTokens refresh = new RefreshTokens(refreshtoken, id, isvalid); refreshRepository.Create(refresh); await refreshRepository.SaveChangesAsync(); return(new TokenDto() { RefreshToken = refresh.Refresh }); }
public async Task <IActionResult> Login(LoginAccountDto model) { var user = await _userManager.FindByNameAsync(model.UserName); if (user == null) { throw new AppException("Wrong user or password!"); } var emailConfirmation = await _userManager.IsEmailConfirmedAsync(user); if (emailConfirmation == false) { throw new AppException("Precisas de confirmar o teu registo para continuar. Por favor confirma o teu email!"); } var result = await _signInManager.PasswordSignInAsync(model.UserName, model.Password, isPersistent : false, lockoutOnFailure : true); //if (!result.Succeeded) // throw new AppException("Wrong user or password!"); await UserIsLockoutAsync(user, result); await _userManager.ResetAccessFailedCountAsync(user); var token = await GetJwtSecurityToken(user); if (token == null) { throw new AppException("Error generating Token!"); } var refreshToken = new RefreshTokens { Username = user.UserName, Token = GenerateRefreshToken(user).Token, Revoked = false, IpAdress = _httpContext.HttpContext.Connection.RemoteIpAddress.ToString(), }; _context.RefreshTokens.Add(refreshToken); _context.SaveChanges(); return(Ok(new { message = "Login Successful!", access_token = new JwtSecurityTokenHandler().WriteToken(token), expiration = token.ValidTo, refresh_token = refreshToken.Token, })); }
public async Task <bool> AddRefreshToken(RefreshToken token) { var existingToken = RefreshTokens.Where(r => r.UserId == token.UserId).SingleOrDefault(); if (existingToken != null) { var result = await RemoveRefreshToken(existingToken); } RefreshTokens.Add(token); return(await SaveChangesAsync() > 0); }
public async Task UpdateRefreshTokenCheckWhenRefreshTokenNull_Test() { refreshTokenInitialize = new RefreshTokens() { Id = 1 }; _refreshTokenRepositoryMock.Setup(repo => repo.GetAsync(It.IsAny <System.Linq.Expressions.Expression <Func <RefreshTokens, bool> > >())).Returns(async() => { return(null); }); HttpStatusCodeException ex = await Assert.ThrowsExceptionAsync <HttpStatusCodeException>(() => _refreshTokenService.UpdateRefreshTokenAsync(refreshTokenInitialize.Id, RefreshToken, UserId, DaysToExpire)); Assert.AreEqual("Such refresh token doesn't exist", ex.Message); }
// PUT https://undone-auth.firebaseio.com/RefreshTokens/<UNIQUE_ID>.json?access_token=<ACCESS_TOKEN> public async Task <HttpResponseMessage> PutRefreshTokens(RefreshTokens token) { var client = new HttpClient(); client.BaseAddress = new Uri(projectUrl); client.DefaultRequestHeaders.Accept.Clear(); client.DefaultRequestHeaders.Accept.Add(new System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application/json")); var jsonString = JsonConvert.SerializeObject(token); var uniqueId = token.RefreshToken; var response = await client.PutAsync("RefreshTokens/" + uniqueId + ".json?access_token=" + accessToken, new StringContent(jsonString, Encoding.UTF8, "application/json")); return(response); }
/// <summary> /// Метод, который возвращает Refresh-токен /// </summary> /// <param name="token"></param> /// <returns>Возвращает RefreshToken из базы данных</returns> public async Task <RefreshTokens> GetToken(RefreshTokens token) { // Ищем токен var searchedtoken = await DbUsers.db.RefreshTokens.FirstOrDefaultAsync(i => i.TokenRefresh == token.TokenRefresh); // Если дата токена вышла (или он неактивен), то не возвращай токен if (searchedtoken.DateLifeEnd < DateTime.Now || searchedtoken.IsActive == false) { return(null); } // Иначе, если дата токена не истекла, а также он активен, то верни токен return(searchedtoken); }
public async Task <RefreshTokens> AddRefreshToken(RefreshTokens token) { var existingToken = db.RefreshTokens.SingleOrDefault(x => x.Subject == token.Subject && x.ClientId == token.ClientId); if (existingToken != null) { var result = await RemoveRefreshToken(existingToken); } token.Id = Guid.NewGuid().ToString("n"); db.RefreshTokens.Add(token); await db.SaveChangesAsync(); return(token); }
public async Task CheckRefreshTokenInactive_Test() { refreshTokenInitialize = new RefreshTokens() { Id = 1, IsActive = false, }; _refreshTokenRepositoryMock.Setup(repo => repo.GetAsync(It.IsAny <System.Linq.Expressions.Expression <Func <RefreshTokens, bool> > >())).Returns(async() => { return(refreshTokenInitialize); }); var ex = await Assert.ThrowsExceptionAsync <HttpStatusCodeException>(() => _refreshTokenService.CheckRefreshTokenAsync(RefreshToken)); Assert.AreEqual("Such refresh token is inactive", ex.Message); Assert.AreEqual(HttpStatusCode.Unauthorized, ex.StatusCode); }
public async Task CheckRefreshTokenDaysToExpireInactive_Test() { refreshTokenInitialize = new RefreshTokens() { Id = 1, IsActive = true, DaysToExpire = Convert.ToDateTime("13.07.2019 11:45:12") }; _refreshTokenRepositoryMock.Setup(repo => repo.GetAsync(It.IsAny <System.Linq.Expressions.Expression <Func <RefreshTokens, bool> > >())).Returns(async() => { return(refreshTokenInitialize); }); var ex = await Assert.ThrowsExceptionAsync <HttpStatusCodeException>(() => _refreshTokenService.CheckRefreshTokenAsync(_refreshTokenModel.RefreshToken)); Assert.AreEqual("Days to expire of refresh token is inactive", ex.Message); Assert.AreEqual(HttpStatusCode.Unauthorized, ex.StatusCode); }
public bool IsValidRefreshToken(string refreshToken) { //TODO: needs refactor var token = RefreshTokens.SingleOrDefault(t => t.Token == refreshToken); if (token == null) { return(false); } if (token.IsActive) { return(true); } RefreshTokens.Remove(token); return(false); }
public async Task GetAsyncCheckWhenRefreshTokenNotNull_Test() { refreshTokenInitialize = new RefreshTokens() { Id = 1, UserId = 91, IsActive = true, RefreshToken = "4wjRDjmSi9YfgFYAVM2QWjJxY8w1Ao6U7S6ZWX9VDCQ=", DaysToExpire = DateTime.Now.AddDays(1) }; _refreshTokenRepositoryMock.Setup(repo => repo.GetAsync(It.IsAny <System.Linq.Expressions.Expression <Func <RefreshTokens, bool> > >())).Returns(async() => { return(refreshTokenInitialize); }); var result = await _refreshTokenService.GetAsync(RefreshToken); Assert.AreEqual(typeof(RefreshTokenDTO), result.GetType()); }
private RefreshTokens GenerateRefreshToken(UserEntity user) { var result = _passwordHasher.HashPassword(user, Guid.NewGuid().ToString()) .Replace("+", string.Empty) .Replace("=", string.Empty) .Replace("/", string.Empty); var refreshToken = new RefreshTokens { Username = user.UserName, Token = result, Revoked = false, IpAdress = _httpContext.HttpContext.Connection.RemoteIpAddress.ToString(), }; return(refreshToken); }
public async Task LogOut(string RefreshToken) { if (!_context.RefreshTokens.Any(x => x.Token == RefreshToken)) { throw new AppException("Invalid Refresh Token!"); } try { RefreshTokens NewRefreshToken = _context.RefreshTokens.Single(x => x.Token == RefreshToken); NewRefreshToken.Revoked = true; _context.RefreshTokens.Update(NewRefreshToken); await _context.SaveChangesAsync(); } catch (ArgumentNullException) { throw new AppException("Nao foi encontrado nenhum token!"); } catch (InvalidOperationException) { throw new AppException("Existe mais que um token!"); } catch (DbUpdateException) { throw new AppException("Foi encontrado um erro ao gravar o token na base de dados!"); } }
public ActionResult <Response <string> > Logout([FromBody] RefreshTokens tokens) { var token = ( from refresh in this.__context.Tokens // where refresh.Token == tokens.RefreshToken select refresh ).FirstOrDefault(); this.__context.Remove(token); this.__context.SaveChanges(); return(Ok( new Response <string>() { Data = "You are logged out", Success = true } )); }
public void UpdateRefreshTokenCheckWhenRefreshTokenNotNull_Test() { refreshTokenInitialize = new RefreshTokens() { Id = 1, UserId = 91, IsActive = true, RefreshToken = "4wjRDjmSi9YfgFYAVM2QWjJxY8w1Ao6U7S6ZWX9VDCQ=", DaysToExpire = DateTime.Now.AddDays(1) }; _refreshTokenRepositoryMock.Setup(repo => repo.GetAsync(It.IsAny <System.Linq.Expressions.Expression <Func <RefreshTokens, bool> > >())).Returns(async() => { return(refreshTokenInitialize); }); _refreshTokenRepositoryMock.Setup(repo => repo.UpdateAsync(refreshTokenInitialize)).Returns(async() => { return(refreshTokenInitialize); }); var result = _refreshTokenService.UpdateRefreshTokenAsync(refreshTokenInitialize.Id, RefreshToken, UserId, DaysToExpire); Assert.IsTrue(result.IsCompleted); }
public ActionResult <Response <RefreshTokens> > Refresh([FromBody] RefreshTokens tokens) { var jwttoken = new JwtSecurityToken(tokens.JwtToken); var userId = Int32.Parse(jwttoken.Claims.Where(x => x.Type == ClaimTypes.NameIdentifier).FirstOrDefault()?.Value); var newTokens = this.userServices.CheckRefreshToken(userId, tokens.RefreshToken, tokens.JwtToken); if (newTokens != null) { return(Ok( new Response <RefreshTokens>() { Data = newTokens, Success = true } )); } return(Unauthorized()); }
/// <summary> /// Метод, который делает рефреш токена /// </summary> /// <param name="token"></param> /// <returns>Возвращает обновленный Acess токен</returns> public async Task <RefreshTokens> RefreshToken(RefreshTokens token) { // Обращаемся в БД и удостоверяемся, что рефреш токен правильный. var SearchedToken = await tokensService.GetToken(token); // Если токен не нашли, то верни null if (SearchedToken == null) { return(null); } // Иначе, если токен найден, то сгенерируй новый AcessToken SearchedToken.TokenAcess = await GenerateJWT(await _userManager.FindByIdAsync(SearchedToken.IdUser)); // Генерируем новый Acess Токен // А также сбросить аутентификационные куки var removed = await UnLoginUser(await _userManager.FindByIdAsync(SearchedToken.IdUser)); return(SearchedToken); // Возвращаем обновленный Acess токен }
public async Task CheckRefreshTokenCheckUserIsNotExist_Test() { refreshTokenInitialize = new RefreshTokens() { Id = 1, UserId = 91, IsActive = true, RefreshToken = "4wjRDjmSi9YfgFYAVM2QWjJxY8w1Ao6U7S6ZWX9VDCQ=", DaysToExpire = DateTime.Now.AddDays(1) }; _userService.Setup(service => service.GetByIdAsync(UserId)).Returns(async() => { return(null); }); _refreshTokenRepositoryMock.Setup(repo => repo.GetAsync(It.IsAny <System.Linq.Expressions.Expression <Func <RefreshTokens, bool> > >())).Returns(async() => { return(refreshTokenInitialize); }); var ex = await Assert.ThrowsExceptionAsync <HttpStatusCodeException>(() => _refreshTokenService.CheckRefreshTokenAsync(_refreshTokenModel.RefreshToken)); Assert.AreEqual("Such user doesn't exist", ex.Message); Assert.AreEqual(HttpStatusCode.NotFound, ex.StatusCode); }
public async Task CheckRefreshTokenCheckReturnOK_Test() { refreshTokenInitialize = new RefreshTokens() { Id = 1, UserId = 91, IsActive = true, RefreshToken = "4wjRDjmSi9YfgFYAVM2QWjJxY8w1Ao6U7S6ZWX9VDCQ=", DaysToExpire = DateTime.Now.AddDays(1) }; _refreshTokenRepositoryMock.Setup(repo => repo.GetAsync(It.IsAny <System.Linq.Expressions.Expression <Func <RefreshTokens, bool> > >())).Returns(async() => { return(refreshTokenInitialize); }); _userService.Setup(service => service.GetByIdAsync(UserId)).Returns(async() => { return(_applicationUserDTO); }); var actionResult = await _refreshTokenService.CheckRefreshTokenAsync(_refreshTokenModel.RefreshToken); Assert.AreEqual(typeof(TokensResponse), actionResult.GetType()); Assert.IsNotNull(actionResult); }
/// <summary> /// Метод аутентификации, который возвращает JWT токен (При каждой аутентификации генерируется новый JWT токен) /// </summary> /// <param name="username">Логин</param> /// <param name="password">Пароль</param> /// <returns>Возвращает RefreshToken</returns> public async Task <RefreshTokens> Authenticate(string username, string password) { // Ищем пользователя по email User user = await _userManager.FindByEmailAsync(username); // Если пользователь не найден, верни ошибку о том, что такого юзера нет if (user == null) { return(null); } // Иначе, пользователь найден, тогда надо сбросить куки var removed = await UnLoginUser(user); // Далее проходим авторизацию var result = await _signInManager.CheckPasswordSignInAsync(user, password, false); // Если авторизация не прошла успешно, то верни null if (!result.Succeeded) { return(null); } // Теперь генерируем данные для RefreshToken'a var encodedJwt = await GenerateJWT(user); // JWT AcessToken var RefreshToken = GenerateRefreshToken(); // RefreshToken RefreshTokens token = new RefreshTokens { TokenAcess = encodedJwt, IdUser = user.Id, TokenRefresh = RefreshToken, DateLifeStart = DateTime.Now, DateLifeEnd = DateTime.Now.AddDays(10), IsActive = true }; // Добавляем этот токен в хранилище RefreshToken'ов var added = await tokensService.AddToken(token); return(token); // Возвращаем токен }