public string TokenRevocation(RevocationDTO revocationDTO)
{
try
{
ValidationResult results1 = userloginvalidation.Validate(revocationDTO.user);
ValidationResult results2 = refreshvalidation.Validate(revocationDTO.refresh);
string refresh_token = HttpUtility.UrlDecode(revocationDTO.token);
Authorize authorize = oauth.Authorize.SingleOrDefault(x => x.Code == refresh_token);
User user = oauth.User.Where(x => x.UserId == authorize.UserId).FirstOrDefault();
UserDTO userLoginDTO = mapper.Map <UserDTO>(user);
//Check user is authenticated
var handler = new UserAuthenticationHandler();
handler.Handle(userLoginDTO);
revocationDTO.user = userLoginDTO;
//Check refresh token provided is real
var refreshhandler = new RefreshTokenAuthenticationHandler();
refreshhandler.Handle(revocationDTO);
//Set the refresh token to null
authorize.Code = null;
oauth.SaveChanges();
return(TokenConstants.RevokedToken);
}
catch (InvalidTokenException) { throw; }
catch (InvalidUserException) { throw; }
catch (Exception ex)
{
Log.Log.Error(ex, TokenConstants.InvalidUser);
throw new InvalidUserException(TokenConstants.InvalidUser);
}
}
public UserDTO Login(UserDTO userLogin)
{
ValidationResult results = userloginvalidation.Validate(userLogin);
User user = oauth.User.Where(x => x.UserName == userLogin.UserName).FirstOrDefault();
UserDTO userLoginDTO = mapper.Map <UserDTO>(user);
userLoginDTO.password = userLogin.password;
var handler = new UserAuthenticationHandler();
handler.Handle(userLoginDTO);
userLoginDTO.IsAuthenticated = true;
return(userLoginDTO);
}
