/// <summary>
/// Receives the Refresh Token from the "refresh_token" grant.
/// </summary>
/// <param name="context">The context.</param>
/// <returns><see cref="Task"/></returns>
public override async Task ReceiveAsync(AuthenticationTokenReceiveContext context)
{
var owinContext = context.OwinContext;
var allowedOrigin = owinContext.Get <string>(OwinKeys.ClientAllowedOrigin) ?? "*";
owinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });
var hashedTokenId = IdentityUtil.ComputeHash(context.Token);
var identityStore = GetIdentityStore();
var refreshToken = await identityStore.FindRefreshToken(hashedTokenId);
if (refreshToken != null)
{
context.DeserializeTicket(refreshToken.ProtectedTicket);
await identityStore.RemoveRefreshToken(hashedTokenId);
}
}
private static RefreshToken CreateRefreshToken([NotNull] AuthenticationTicket ticket, [NotNull] string refreshTokenId, [NotNull] string clientId, double expiresInMinutes)
{
Contract.Requires(!string.IsNullOrEmpty(refreshTokenId));
Contract.Requires(!string.IsNullOrEmpty(clientId));
var token = new RefreshToken
{
Id = IdentityUtil.ComputeHash(refreshTokenId),
ClientId = clientId,
Subject = ticket.Identity.Name,
IssuedUtc = DateTime.UtcNow,
ExpiresUtc = DateTime.UtcNow.AddMinutes(expiresInMinutes)
};
var props = ticket.Properties;
props.IssuedUtc = token.IssuedUtc;
props.ExpiresUtc = token.ExpiresUtc;
return(token);
}
