/// <summary>
/// 建立 AuthenticationTokenCreateContext
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
public async Task CreateAsync(AuthenticationTokenCreateContext context)
{
var clientid = context.Ticket.Properties.Dictionary["as:client_id"];
if (string.IsNullOrEmpty(clientid))
{
return;
}
//產成的新Token的唯一標別碼,在此使用Guid(有需要再改其它演算法)
var refreshTokenId = Guid.NewGuid().ToString("n");
//更新Token的生存時間值,該值將被用於確定新Token有多長的有效期
using (AuthBLL _auth = new AuthBLL())
{
var refreshTokenLifeTime = context.OwinContext.Get <string>("as:clientRefreshTokenLifeTime");
//有值延長為2倍,若為null則預設60分鐘
double doubleRefreshTokenLifeTime = 60;
bool isDoubleRefreshTokenLifeTime = double.TryParse(refreshTokenLifeTime, out doubleRefreshTokenLifeTime);
if (!isDoubleRefreshTokenLifeTime)
{
doubleRefreshTokenLifeTime = 60;
}
else
{
doubleRefreshTokenLifeTime = doubleRefreshTokenLifeTime * 2;
}
var token = new RefreshToken()
{
Id = Helper.GetHash(refreshTokenId),
ClientId = clientid,
Subject = context.Ticket.Identity.Name,
IssuedUtc = DateTime.UtcNow,
//有效期限(分鐘,有需要再改)
ExpiresUtc = DateTime.UtcNow.AddMinutes(doubleRefreshTokenLifeTime)
};
context.Ticket.Properties.IssuedUtc = token.IssuedUtc;
context.Ticket.Properties.ExpiresUtc = token.ExpiresUtc;
//在資料庫中以序列化形式儲存
token.ProtectedTicket = context.SerializeTicket();
//儲存到RefreshTokens資料表中
var result = await _auth.AddRefreshToken(token);
if (result)
{
//建立暫存refreshToken用
var refreshTokenProperties = new AuthenticationProperties(context.Ticket.Properties.Dictionary)
{
IssuedUtc = context.Ticket.Properties.IssuedUtc,
ExpiresUtc = DateTime.UtcNow.AddMinutes(doubleRefreshTokenLifeTime)
};
var refreshTokenTicket = new AuthenticationTicket(context.Ticket.Identity, refreshTokenProperties);
_refreshTokens.TryAdd(refreshTokenId, refreshTokenTicket);
//回傳新的Token
context.SetToken(refreshTokenId);
}
}
}