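/// <summary>
/// Exchanges the caller's attestation for an access token.
/// </summary>
/// <param name="attestation">Attestation bound from the query string.</param>
/// <param name="blacklistCache">Cache consulted to see whether the caller's id nonce has been blacklisted.</param>
/// <returns>
/// 200 with an <see cref="AccessTokenDTO"/> on success; 401 when the caller's authentication
/// mechanism differs from the configured one or the id nonce is blacklisted; 500 when
/// producing the token throws.
/// </returns>
public ActionResult<AccessTokenDTO> Attest(
    [FromQuery] Attestation attestation,
    [FromServices] ITokenBlacklistCache blacklistCache)
{
    // Only callers that authenticated through the configured mechanism may obtain a token.
    if (authenticationOptions.Mechanism != userContext.AuthenticationMechanism)
    {
        return StatusCode(StatusCodes.Status401Unauthorized);
    }

    try
    {
        if (blacklistCache.IsBlacklisted(userContext.IdNonce))
        {
            // NOTE(review): {@Attestation} destructures the whole object into the log;
            // confirm it carries no fields that should stay out of log storage.
            logger.LogWarning("Id token is blacklisted. IdNonce:{IdNonce} Attestation:{@Attestation}", userContext.IdNonce, attestation);
            return StatusCode(StatusCodes.Status401Unauthorized);
        }

        var token = jwtProvider.AccessToken(HttpContext, attestation);

        // The issued token is a bearer credential: anyone with read access to the logs
        // could replay it, so the token value is deliberately not written to the log.
        logger.LogInformation("Created Access Token. Attestation:{@Attestation}", attestation);

        return Ok(new AccessTokenDTO { AccessToken = token });
    }
    catch (Exception e)
    {
        // Callers get a bare 500; the exception detail goes to the log only.
        logger.LogError("Failed to produce access token. Attestation:{@Attestation} Error:{Error}", attestation, e.ToString());
        return StatusCode(StatusCodes.Status500InternalServerError);
    }
}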
/// <summary>
/// Issues an access token for the supplied attestation.
/// </summary>
/// <param name="attestation">Attestation bound from the query string.</param>
/// <param name="blacklistCache">Cache used to check whether the caller's id nonce is blacklisted.</param>
/// <returns>
/// 200 with an <see cref="AccessTokenDTO"/> on success; 401 when the authentication mechanism
/// does not match the configured one or the id nonce is blacklisted; 500 when token creation throws.
/// </returns>
public ActionResult<AccessTokenDTO> Attest(
    [FromQuery] Attestation attestation,
    [FromServices] ITokenBlacklistCache blacklistCache)
{
    // Guard: the caller must have authenticated through the configured mechanism.
    if (authenticationOptions.Mechanism != userContext.AuthenticationMechanism)
    {
        return StatusCode(StatusCodes.Status401Unauthorized);
    }

    try
    {
        // NOTE(review): a blacklisted id nonce is rejected without any log entry here,
        // so this path leaves no audit trail of its own — confirm that is intended.
        var revoked = blacklistCache.IsBlacklisted(userContext.IdNonce);
        if (revoked)
        {
            return StatusCode(StatusCodes.Status401Unauthorized);
        }

        var accessToken = jwtProvider.AccessToken(HttpContext, attestation);
        var payload = new AccessTokenDTO { AccessToken = accessToken };
        return Ok(payload);
    }
    catch (Exception ex)
    {
        // Failure detail is logged server-side only; the response is a bare 500.
        var detail = ex.ToString();
        logger.LogError("Could not produce access token. Error:{Error}", detail);
        return StatusCode(StatusCodes.Status500InternalServerError);
    }
}
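/// <summary>
/// Middleware step that stops requests from authenticated principals whose id nonce is
/// blacklisted. Unauthenticated requests are passed through without a check.
/// </summary>
/// <param name="context">The current HTTP context.</param>
/// <returns>A task that completes when the request has been rejected or the next delegate has run.</returns>
public async Task Invoke(HttpContext context)
{
    var user = context.User;

    if (user?.Identity?.IsAuthenticated == true)
    {
        // FindFirstValue returns null when the claim is absent, and a malformed value cannot
        // be parsed; either way the blacklist cannot be consulted. Fail closed with a 401
        // instead of letting a Guid constructor exception escape the middleware.
        if (!Guid.TryParse(user.FindFirstValue(Nonce.Id), out var idNonce))
        {
            logger.LogWarning("Rejected authenticated request: id nonce claim is missing or malformed");
            context.Response.StatusCode = 401;
            return;
        }

        if (cache.IsBlacklisted(idNonce))
        {
            logger.LogWarning("Attempted use of blacklisted token: {idNonce}", idNonce.ToString());
            context.Response.StatusCode = 401;
            return;
        }
    }

    await next(context);
}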