/// <summary>
 /// Called when receiving a refresh token. An application may use this context
 /// to deserialize the code using a custom format and to skip the default logic using
 /// <see cref="BaseContext{OpenIdConnectServerOptions}.HandleResponse"/>.
 /// </summary>
 /// <param name="context">The context of the event carries information in and results out.</param>
 /// <returns>Task to enable asynchronous execution</returns>
 public virtual Task ReceiveRefreshToken(ReceiveRefreshTokenContext context) => OnReceiveRefreshToken(context);
Esempio n. 2
0
        private async Task <AuthenticationTicket> ReceiveRefreshTokenAsync(string token, OpenIdConnectMessage request)
        {
            try {
                var notification = new ReceiveRefreshTokenContext(Context, Options, request, token)
                {
                    DataFormat = Options.RefreshTokenFormat
                };

                // Sets the default deserializer used to resolve the
                // authentication ticket corresponding to the refresh token.
                notification.Deserializer = payload => {
                    return(Task.FromResult(notification.DataFormat?.Unprotect(payload)));
                };

                await Options.Provider.ReceiveRefreshToken(notification);

                // Directly return the authentication ticket if one
                // has been provided by ReceiveRefreshToken.
                // Treat a non-null ticket like an implicit HandleResponse call.
                if (notification.HandledResponse || notification.AuthenticationTicket != null)
                {
                    if (notification.AuthenticationTicket == null)
                    {
                        return(null);
                    }

                    // Ensure the received ticket is a refresh token.
                    if (!notification.AuthenticationTicket.IsRefreshToken())
                    {
                        Logger.LogVerbose("The received token was not a refresh token: {0}.", token);

                        return(null);
                    }

                    return(notification.AuthenticationTicket);
                }

                else if (notification.Skipped)
                {
                    return(null);
                }

                var ticket = await notification.DeserializeTicketAsync(token);

                if (ticket == null)
                {
                    return(null);
                }

                // Ensure the received ticket is a refresh token.
                if (!ticket.IsRefreshToken())
                {
                    Logger.LogVerbose("The received token was not a refresh token: {0}.", token);

                    return(null);
                }

                return(ticket);
            }

            catch (Exception exception) {
                Logger.LogWarning("An exception occured when deserializing a refresh token.", exception);

                return(null);
            }
        }