public async Task <IActionResult> Refresh(TokenApiModel tokenApiModel) { if (tokenApiModel is null) { return(BadRequest("Invalid client request")); } string accessToken = tokenApiModel.AccessToken; string refreshToken = tokenApiModel.RefreshToken; var principal = GetPrincipalFromExpiredToken(accessToken); var username = principal.Identity.Name; //this is mapped to the Name claim by default var user = _userManager.Users.SingleOrDefault(u => u.UserName == username); if (user == null || user.RefreshToken != refreshToken || user.RefreshTokenExpiryTime <= DateTime.Now) { return(BadRequest("Invalid client request")); } var roles = await _userManager.GetRolesAsync(user); var newAccessToken = GenerateJwt(user, roles); var newRefreshToken = GenerateRefreshToken(); user.RefreshToken = newRefreshToken; user.RefreshTokenExpiryTime = DateTime.Now.AddMinutes(10); await _userManager.UpdateAsync(user); return(new ObjectResult(new { accessToken = newAccessToken, refreshToken = newRefreshToken })); }
public async Task <IActionResult> RefreshToken(TokenApiModel tokenApiModel) { if (tokenApiModel is null) { return(BadRequest("Invalid client request")); } string accessToken = tokenApiModel.AccessToken; string refreshToken = tokenApiModel.RefreshToken; var principal = _tokenService.GetPrincipalFromExpiredToken(accessToken); var username = principal.Identity.Name; //this is mapped to the Name claim by default _logger.LogInformation(principal.Identity.Name); var user = await _usersContext.AppUsers.SingleOrDefaultAsync(u => u.UserName == username); if (user == null || user.RefreshToken != refreshToken || user.RefreshTokenExpiryTime <= DateTime.Now) { return(BadRequest("Invalid client request")); } var newAccessToken = _tokenService.GenerateAccessToken(principal.Claims); var newRefreshToken = _tokenService.GenerateRefreshToken(); user.RefreshToken = newRefreshToken; await _usersContext.SaveChangesAsync(); return(new ObjectResult(new { AccessToken = newAccessToken, RefreshToken = newRefreshToken })); }
public IActionResult Refresh(TokenApiModel tokenApiModel) { if (tokenApiModel is null) { return(BadRequest("Invalid client request")); } string accessToken = tokenApiModel.AccessToken; string refreshToken = tokenApiModel.RefreshToken; var principal = _tokenManager.GetPrincipalFromExpiredToken(accessToken); var Id = principal.Identity.Name; //this is mapped to the Name claim by default var user = _unitOfWork.UserRepository.FirstOrDefault(u => u.Id == Id); if (user == null || user.RefreshToken != refreshToken || user.RefreshTokenExpiryTime <= DateTime.Now) { return(BadRequest("Invalid client request")); } var newAccessToken = _tokenManager.GenerateAccessToken(principal.Claims); var newRefreshToken = _tokenManager.GenerateRefreshToken(); user.RefreshToken = newRefreshToken; _unitOfWork.Save(); return(new ObjectResult(new { accessToken = newAccessToken, refreshToken = newRefreshToken })); }
public async Task <IActionResult> RefreshAsync([FromBody] TokenApiModel tokenApiModel) { if (tokenApiModel is null || tokenApiModel.AccessToken == String.Empty || tokenApiModel.RefreshToken == String.Empty) { return(BadRequest("Invalid client request")); } string accessToken = tokenApiModel.AccessToken; string refreshToken = tokenApiModel.RefreshToken; var principal = _tokenService.GetPrincipalFromExpiredToken(accessToken); var user = await _userService.GetUserFromPrincipalAsync(principal); if (user == null || user.RefreshToken != refreshToken || user.RefreshTokenExpiryTime <= DateTime.Now) { return(BadRequest("Invalid client request")); } var newAccessToken = _tokenService.GenerateAccessToken(principal.Claims); var newRefreshToken = _tokenService.GenerateRefreshToken(); user.RefreshToken = newRefreshToken; await _userService.UpdateUserAsync(user); var result = new TokenApiModel(newAccessToken, newRefreshToken); return(new JsonResult(result)); }
public IActionResult Refresh(TokenApiModel tokenApiModel) { if (tokenApiModel is null) { return(BadRequest("Invalid client request")); } string accessToken = tokenApiModel.AccessToken; string refreshToken = tokenApiModel.RefreshToken; var principal = tokenService.GetPrincipalFromExpiredToken(accessToken); var username = principal.Identity.Name; //this is mapped to the Name claim by default var user = userContext.LoginModels.SingleOrDefault(u => u.UserName == username); if (user == null || user.RefreshToken != refreshToken || user.RefreshTokenExpiryTime <= DateTime.Now) { return(BadRequest("Invalid client request")); } var newAccessToken = tokenService.GenerateAccessToken(principal.Claims); var newRefreshToken = tokenService.GenerateRefreshToken(); user.RefreshToken = newRefreshToken; userContext.SaveChanges(); return(new ObjectResult(new { accessToken = newAccessToken, refreshToken = newRefreshToken })); }
public async Task <IActionResult> Refresh(TokenApiModel tokenApiModel) { if (tokenApiModel is null) { return(BadRequest("Invalid client request")); } var cookies = Request.Cookies; string accessToken = tokenApiModel.AccessToken; string refreshToken = cookies.First(o => o.Key == "refreshToken").Value; var principal = _tokenService.GetPrincipalFromExpiredToken(accessToken); var username = principal.Identity.Name; //this is mapped to the Name claim by default var user = _dbContext.AspNetUsers.SingleOrDefault(u => u.Email == username); if (user == null || user.RefreshToken != refreshToken || user.RefreshTokenExpiryTime <= DateTime.Now) { return(BadRequest("Invalid client request")); } var newAccessToken = _tokenService.GenerateAccessToken(principal.Claims); var newRefreshToken = await _tokenService.GenerateRefreshToken(user.Email); user.RefreshToken = newRefreshToken; _dbContext.SaveChanges(); setTokenCookie(newRefreshToken); return(Ok(new { accessToken = newAccessToken })); }
public IActionResult Refresh(TokenApiModel tokenApiModel) { if (tokenApiModel is null) { return(BadRequest("Invalid client request")); } string accessToken = tokenApiModel.AccessToken; string refreshToken = tokenApiModel.RefreshToken; var principal = _tokenService.GetPrincipalFromExpiredToken(accessToken); var userId = principal.Identity.Name; var user = _userService.GetById(int.Parse(userId)); if (user == null || user.RefreshToken != refreshToken || user.RefreshTokenExpiryTime <= DateTime.Now) { return(BadRequest("Invalid client request")); } var newAccessToken = _tokenService.GenerateAccessToken(user); var newRefreshToken = _tokenService.GenerateRefreshToken(); user.RefreshToken = newRefreshToken; _userService.Update(user); return(Ok(new { accessToken = newAccessToken, refreshToken = newRefreshToken })); }
public async Task GetToken_ReturnsValue() { // Arrange var token = new TokenApiModel() { AccessToken = "1234ExampleToken", AccessTokenType = "Bearer", Audience = "https://management.azure.com/", Authority = "https://login.microsoftonline.com/12345/" }; var response = new HttpResponse { StatusCode = HttpStatusCode.OK, IsSuccessStatusCode = true, Content = JsonConvert.SerializeObject(token) }; this.mockHttpClient .Setup(x => x.GetAsync(It.IsAny <IHttpRequest>())) .ReturnsAsync(response); // Act var result = await this.client.GetTokenAsync(); // Assert this.mockHttpClient .Verify(x => x.GetAsync(It.Is <IHttpRequest>(r => r.Check($"{MOCK_SERVICE_URI}/users/default/token"))), Times.Once); Assert.Equal(token.AccessToken, result); }
public async Task <TokenApiModel> GetTokenResponse(HttpResponseMessage response) { var jsonMessage = await GetJsonMessage(response); TokenApiModel tokenResponse = (TokenApiModel)JsonConvert.DeserializeObject (jsonMessage, typeof(TokenApiModel)); return(tokenResponse); }
public async Task <string> GetTokenAsync() { // Note: The DEFAULT_USER_ID is set to any value. The user management service doesn't // currently use the user ID information, but if this API is updated in the future, we // will need to grab the user ID from the request JWT token and pass in here. var url = $"{this.ServiceUri}/users/{DefaultUserId}/token"; TokenApiModel tokenModel = await this.RequestHelper.ProcessRequestAsync <TokenApiModel>(HttpMethod.Get, url); return(tokenModel.AccessToken); }
public async Task UpdateToken(TokenApiModel tokens) { await _jSRuntime.SetInLocalStorage(jwtKey, tokens.Token); await _jSRuntime.SetInLocalStorage(tokenRefreshKey, tokens.RefreshToken); var authState = BuildAuthenticationState(tokens.Token); NotifyAuthenticationStateChanged(Task.FromResult(authState)); }
public async Task <IActionResult> Revoke(TokenApiModel tokenApiModel) { var apiKeyAuthenticate = APICredentialAuth.APIKeyCheck(Request.Headers[NamePars.APIKeyStr]); if (apiKeyAuthenticate.StatusCode == ResponseCode.Error) { return(BadRequest(new ResponseDetails() { StatusCode = ResponseCode.Exception, Message = apiKeyAuthenticate.Message })); } if (tokenApiModel is null) { return(BadRequest(new ResponseDetails() { Message = "Token body truyền vào không hợp lệ", StatusCode = ResponseCode.Error })); } var principal = _tokenService.GetPrincipalFromExpiredToken(tokenApiModel.AccessToken, _config); if (principal == null) { return(BadRequest(new ResponseDetails() { Message = "Token không được cấp quyền", StatusCode = ResponseCode.Error })); } var userID = principal.Claims?.FirstOrDefault(x => x.Type.Equals(NamePars.ClaimSid, StringComparison.OrdinalIgnoreCase))?.Value; var user = await _repository.User.GetUserByIDAsync(userID); if (user == null || user.RefreshToken != tokenApiModel.RefreshToken) { return(BadRequest(new ResponseDetails() { Message = "các giá trị token không khớp với dữ liệu trong database", StatusCode = ResponseCode.Error })); } ResponseDetails response = _repository.User.UpdateUserRefreshToken(user, null, null); if (response.StatusCode == ResponseCode.Success) { _repository.Save(); } else { _logger.LogError($"Lỗi khi revoke token cho user với id {user.UserID}"); } return(Ok()); }
public async Task <IActionResult> RefreshToken([FromBody] TokenApiModel model) { if (!ModelState.IsValid) { return(BadRequest(new MessageApiModel() { Message = ModelState.Select(x => x.Value.Errors).FirstOrDefault().ToString() })); } var resultRefreshToken = await _accountService.RefreshTokenAsync(model); return(Ok(resultRefreshToken)); }
public IActionResult Refresh(TokenApiModel tokenApiModel) { _iLogger.LogInformation("POST Token.refresh called"); if (tokenApiModel is null) { _iLogger.LogWarning("Bad/empty request"); return(BadRequest("Invalid client request")); } string accessToken = tokenApiModel.AccessToken; string refreshToken = tokenApiModel.RefreshToken; var principal = _tokenService.GetPrincipalFromToken(accessToken); var userId = this.User.GetUserId(); //this is mapped to the Name claim by default _iLogger.LogWarning(userId == null ? "Unable to retrieve user Id from claim" : "user Id retrieved from claim"); var user = _userContext.LoginModel.SingleOrDefault(u => u.Id == userId); _iLogger.LogWarning(user == null ? "Unable to retrieve user from db" : "user retrieved from db"); if (user == null || user.RefreshToken != refreshToken || user.RefreshTokenExpiryTime <= DateTime.Now) { _iLogger.LogWarning("Could not refresh token. Mismatching or expired refresh."); return(BadRequest("Invalid client request")); } var newAccessToken = _tokenService.GenerateAccessToken(principal.Claims); var newRefreshToken = _tokenService.GenerateRefreshToken(); user.RefreshToken = newRefreshToken; user.RefreshTokenExpiryTime = _tokenService.RefreshTokenTime; _iLogger.LogInformation("Refresh token established"); _userContext.SaveChanges(); _iLogger.LogInformation("Refresh token saved to db"); return(new ObjectResult(new { accessToken = newAccessToken, refreshToken = newRefreshToken })); }
private TokenApiModel GenerateToken(HttpContext context) { var username = context.Request.Form["username"]; var password = context.Request.Form["password"]; var now = DateTime.UtcNow; var identity = _identityProvider.GetIdentity(new LoginApiModel { Email = username, Password = password }); if (identity == null) { return(null); } var claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.Sub, username), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(JwtRegisteredClaimNames.Iat, now.ToUniversalTime().Second.ToString(), ClaimValueTypes.Integer64) }; claims.AddRange(identity); var jwt = new JwtSecurityToken( issuer: _options.Issuer, audience: _options.Audience, claims: claims, notBefore: now, expires: now.Add(_options.Expiration), signingCredentials: _options.SigningCredentials); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); var token = new TokenApiModel { Token = encodedJwt, ExpiresIn = (long)_options.Expiration.TotalSeconds }; _logger.LogInformation($"Token was successfuly generated for user with email: {username} "); return(token); }
public async Task <IActionResult> RefreshToken(TokenApiModel tokenApiModel) { if (tokenApiModel is null) { return(BadRequest("Invalid client request")); } string token = tokenApiModel.Token; string refreshToken = tokenApiModel.RefreshToken; var principal = _authManager.GetPrincipalFromExpiredToken(token); var username = principal.Identity.Name; //this is mapped to the Name claim by default var user = await _userManager.FindByNameAsync(username); if (user == null) { return(BadRequest("user nor found")); } if (user.RefreshToken != refreshToken) { return(BadRequest("refresh token is not the same")); } if (user.RefreshTokenExpiryTime <= DateTime.Now) { return(BadRequest("refresh token has expired")); } var newAccessToken = _authManager.GenerateAccessToken(principal.Claims); var newRefreshToken = _authManager.GenerateRefreshToken(); user.RefreshToken = newRefreshToken; await _repository.SaveAsync(); return(new ObjectResult(new { accessToken = newAccessToken, refreshToken = newRefreshToken })); }
public IActionResult Refresh(TokenApiModel tokenApiModel) { if (tokenApiModel is null) { return(BadRequest("Invalid client request")); } string accessToken = tokenApiModel.AccessToken; string refreshToken = tokenApiModel.RefreshToken; //var principal = tokenService.GetPrincipalFromExpiredToken(accessToken); var principal = tokenService.GetPrincipalFromExpiredToken(accessToken, new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration.GetValue <string>("SecretKey")))); var username = principal.Identity.Name; //this is mapped to the Name claim by default //En lugar de usar la conexión por contexto, usamos la conexión mediante los servicios ya creados. //var user = userContext.LoginModels.SingleOrDefault(u => u.UserName == username); //Conexión mediante clase Login var ConnectionStringLocal = _configuration.GetValue <string>("ServidorLocal"); using (IUser User = Factorizador.CrearConexionServicio(APIUsers.Library.Models.ConnectionType.MSSQL, ConnectionStringLocal)) { APIUsers.Library.Models.User user = User.GetUser(username); if (user == null || user.RefreshToken != refreshToken || user.RefreshTokenExpiryTime <= DateTime.Now) { return(BadRequest("Invalid client request")); } //var newAccessToken = tokenService.GenerateAccessToken(principal.Claims); var newAccessToken = tokenService.GenerateAccessToken(principal.Claims, new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration.GetValue <string>("SecretKey")))); var newRefreshToken = tokenService.GenerateRefreshToken(); user.RefreshToken = newRefreshToken; //userContext.SaveChanges(); User.UpdateRefreshToken(user); return(new ObjectResult(new { accessToken = newAccessToken, refreshToken = newRefreshToken })); } }
public async Task <TokenApiModel> RefreshTokenAsync(TokenApiModel model) { return(await _httpService.Post <TokenApiModel, TokenApiModel>(ApiUrls.RefreshTokenUrl, model)); }