Esempio n. 1
0
        /// <summary>
        /// Refreshes an access token.
        /// </summary>
        /// <param name="refreshToken">The refresh token.</param>
        /// <returns>A token response.</returns>
        public async Task <RefreshTokenResult> RefreshTokenAsync(string refreshToken)
        {
            _logger.LogTrace("RefreshTokenAsync");

            await EnsureConfigurationAsync();

            var client   = TokenClientFactory.Create(_options);
            var response = await client.RequestRefreshTokenAsync(refreshToken);

            if (response.IsError)
            {
                return(new RefreshTokenResult {
                    Error = response.Error
                });
            }

            // validate token response
            var validationResult = await _processor.ValidateTokenResponseAsync(response, null, requireIdentityToken : _options.Policy.RequireIdentityTokenOnRefreshTokenResponse);

            if (validationResult.IsError)
            {
                return(new RefreshTokenResult {
                    Error = validationResult.Error
                });
            }

            return(new RefreshTokenResult
            {
                IdentityToken = response.IdentityToken,
                AccessToken = response.AccessToken,
                RefreshToken = response.RefreshToken,
                ExpiresIn = (int)response.ExpiresIn
            });
        }
Esempio n. 2
0
        /// <summary>
        /// Refreshes an access token.
        /// </summary>
        /// <param name="refreshToken">The refresh token.</param>
        /// <param name="extraParameters">The extra parameters.</param>
        /// <returns>
        /// A token response.
        /// </returns>
        public virtual async Task <RefreshTokenResult> RefreshTokenAsync(string refreshToken, object extraParameters = null)
        {
            _logger.LogTrace("RefreshTokenAsync");

            await EnsureConfigurationAsync();

            var client   = TokenClientFactory.Create(_options);
            var response = await client.RequestRefreshTokenAsync(refreshToken, extra : extraParameters);

            if (response.IsError)
            {
                return(new RefreshTokenResult {
                    Error = response.Error
                });
            }

            // validate token response
            var validationResult = await _processor.ValidateTokenResponseAsync(response, null, requireIdentityToken : _options.Policy.RequireIdentityTokenOnRefreshTokenResponse);

            if (validationResult.IsError)
            {
                return(new RefreshTokenResult {
                    Error = validationResult.Error
                });
            }

            return(new RefreshTokenResult
            {
                IdentityToken = response.IdentityToken,
                AccessToken = response.AccessToken,
                RefreshToken = response.RefreshToken,
                ExpiresIn = (int)response.ExpiresIn,
                AccessTokenExpiration = DateTime.Now.AddSeconds(response.ExpiresIn)
            });
        }
Esempio n. 3
0
        /// <summary>
        /// Refreshes an access token.
        /// </summary>
        /// <param name="refreshToken">The refresh token.</param>
        /// <returns>A token response.</returns>
        public async Task <RefreshTokenResult> RefreshTokenAsync(string refreshToken, Task <RsaSecurityKey> pregeneratedPopKeyTask = null)
        {
            if (string.IsNullOrEmpty(refreshToken))
            {
                throw new ArgumentException("refreshToken");
            }
            _logger.LogTrace("RefreshTokenAsync");

            await EnsureConfigurationAsync().ConfigureAwait(false);

            var client = TokenClientFactory.Create(_options);


            TokenResponse      response;
            SigningCredentials popSigner = null;

            if (_options.RequestPopTokens)
            {
                //-- PoP Key Creation
                _logger.LogTrace("CreateProviderForPopToken");
                var popKey = await(pregeneratedPopKeyTask ?? PopTokenExtensions.CreateProviderForPopTokenAsync()).ConfigureAwait(false);
                var jwk    = popKey.ToJwk();
                response = await client.RequestRefreshTokenPopAsync(refreshToken, jwk.Alg, jwk.ToJwkString()).ConfigureAwait(false);

                popSigner = new SigningCredentials(popKey, "RS256");
            }
            else
            {
                response = await client.RequestRefreshTokenAsync(refreshToken).ConfigureAwait(false);
            }

            if (response.IsError)
            {
                return(new RefreshTokenResult {
                    Error = response.Error
                });
            }

            // validate token response
            var validationResult = await _processor.ValidateTokenResponseAsync(response, null, requireIdentityToken : _options.Policy.RequireIdentityTokenOnRefreshTokenResponse).ConfigureAwait(false);

            if (validationResult.IsError)
            {
                return(new RefreshTokenResult {
                    Error = validationResult.Error
                });
            }

            return(new RefreshTokenResult
            {
                IdentityToken = response.IdentityToken,
                AccessToken = response.AccessToken,
                RefreshToken = response.RefreshToken,
                ExpiresIn = (int)response.ExpiresIn,
                PopTokenKey = popSigner
            });
        }
Esempio n. 4
0
        /// <summary>
        /// Refreshes an access token.
        /// </summary>
        /// <param name="refreshToken">The refresh token.</param>
        /// <param name="backChannelParameters">Back-channel parameters</param>
        /// <param name="cancellationToken">The cancellation token.</param>
        /// <returns>
        /// A token response.
        /// </returns>
        public virtual async Task <RefreshTokenResult> RefreshTokenAsync(
            string refreshToken,
            Parameters backChannelParameters    = null,
            CancellationToken cancellationToken = default)
        {
            _logger.LogTrace("RefreshTokenAsync");

            await EnsureConfigurationAsync(cancellationToken);

            backChannelParameters = backChannelParameters ?? new Parameters();

            var client = Options.CreateClient();

            var response = await client.RequestRefreshTokenAsync(new RefreshTokenRequest
            {
                Address               = Options.ProviderInformation.TokenEndpoint,
                ClientId              = Options.ClientId,
                ClientSecret          = Options.ClientSecret,
                ClientAssertion       = Options.ClientAssertion,
                ClientCredentialStyle = Options.TokenClientCredentialStyle,
                RefreshToken          = refreshToken,
                Parameters            = backChannelParameters
            }, cancellationToken).ConfigureAwait(false);

            if (response.IsError)
            {
                return(new RefreshTokenResult
                {
                    Error = response.Error,
                    ErrorDescription = response.ErrorDescription,
                });
            }

            // validate token response
            var validationResult = await _processor.ValidateTokenResponseAsync(response, null, requireIdentityToken : Options.Policy.RequireIdentityTokenOnRefreshTokenResponse,
                                                                               cancellationToken : cancellationToken);

            if (validationResult.IsError)
            {
                return(new RefreshTokenResult {
                    Error = validationResult.Error
                });
            }

            return(new RefreshTokenResult
            {
                IdentityToken = response.IdentityToken,
                AccessToken = response.AccessToken,
                RefreshToken = response.RefreshToken,
                ExpiresIn = response.ExpiresIn,
                AccessTokenExpiration = DateTimeOffset.Now.AddSeconds(response.ExpiresIn)
            });
        }