/// <summary>
/// Exchanges a refresh token for a fresh access token by running the Stormpath
/// refresh grant against <paramref name="application"/>.
/// </summary>
/// <param name="refresh_token">The refresh token presented by the caller.</param>
/// <param name="application">The Stormpath application that issued the token.</param>
/// <param name="cancellationToken">Cancels the upstream Stormpath call.</param>
/// <returns>
/// 200 OK carrying a <see cref="TokenResult"/> on success; 400 Bad Request carrying the
/// upstream <see cref="ResourceException"/> message when Stormpath rejects the grant.
/// </returns>
private async Task<IHttpActionResult> RefreshGrantRequest(string refresh_token, IApplication application, CancellationToken cancellationToken)
{
    // Assemble the refresh grant request that is sent to the Stormpath API.
    var grantRequest = OauthRequests.NewRefreshGrantRequest()
        .SetRefreshToken(refresh_token)
        .Build();

    var authenticator = application.NewRefreshGrantAuthenticator();

    try
    {
        var grantResult = await authenticator.AuthenticateAsync(grantRequest, cancellationToken);

        var tokens = new TokenResult
        {
            AccessToken = grantResult.AccessTokenString,
            RefreshToken = grantResult.RefreshTokenString,
            TokenType = grantResult.TokenType,
            ExpiresIn = grantResult.ExpiresIn
        };

        return Ok(tokens);
    }
    catch (ResourceException rex)
    {
        // NOTE(review): the upstream error text is returned to the client verbatim;
        // confirm it carries nothing beyond what an API consumer should see.
        return BadRequest(rex.Message);
    }
}
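/// <summary>
/// Runs the OAuth refresh grant against Stormpath, resolves the account behind the
/// new access token, and writes the refreshed token cookies to the response.
/// </summary>
/// <param name="context">The OWIN environment of the current request.</param>
/// <param name="client">The Stormpath client used to load the configured application.</param>
/// <param name="refreshTokenJwt">The refresh token JWT taken from the request.</param>
/// <returns>
/// The expanded account on success; <c>null</c> when the refresh token is malformed or
/// expired, when Stormpath rejects the grant, when the new access token resource cannot be
/// fetched, or when the account lookup fails. Each failure is logged before returning.
/// </returns>
private async Task<IAccount> RefreshAccessTokenAsync(IOwinEnvironment context, IClient client, string refreshTokenJwt)
{
    // Attempt refresh grant against Stormpath
    var request = OauthRequests.NewRefreshGrantRequest()
        .SetRefreshToken(refreshTokenJwt)
        .Build();

    var application = await client.GetApplicationAsync(this.Configuration.Application.Href, context.CancellationToken);
    var authenticator = application.NewRefreshGrantAuthenticator();

    IOauthGrantAuthenticationResult grantResult = null;
    try
    {
        grantResult = await authenticator.AuthenticateAsync(request, context.CancellationToken);
    }
    catch (InvalidJwtException jwex)
    {
        // A malformed or expired token is an expected client-side condition, hence Info level.
        logger.Info($"Failed to authenticate the request due to a malformed or expired refresh token. Message: '{jwex.Message}'", nameof(RefreshAccessTokenAsync));
        return null;
    }
    catch (ResourceException rex)
    {
        logger.Warn(rex, "Failed to refresh an access_token given a refresh_token.");
        return null;
    }

    // Get a new access token
    IAccessToken newAccessToken = null;
    try
    {
        newAccessToken = await grantResult.GetAccessTokenAsync(context.CancellationToken);
    }
    catch (ResourceException rex)
    {
        logger.Error(rex, "Failed to get a new access token after receiving grant response.", nameof(RefreshAccessTokenAsync));
        // Without this return the code fell through with a null token; the account lookup
        // below would then fail and its catch block would dereference newAccessToken.AccountHref.
        return null;
    }

    // Get the account details
    IAccount account = null;
    try
    {
        account = await GetExpandedAccountAsync(client, newAccessToken, context.CancellationToken);
    }
    catch (ResourceException rex)
    {
        logger.Error(rex, $"Failed to get account {newAccessToken.AccountHref}", nameof(RefreshAccessTokenAsync));
        return null;
    }

    logger.Trace("Access token refreshed using Refresh token. Adding cookies to response", nameof(RefreshAccessTokenAsync));
    // Only after every lookup succeeded are the new tokens committed to the response.
    Cookies.AddTokenCookiesToResponse(context, client, grantResult, this.Configuration, logger);

    return account;
}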
/// <summary>
/// Integration test: a refresh token obtained from a password grant, loaded back as an
/// <c>IRefreshToken</c> resource, can be exchanged for a new access token while the
/// refresh token itself stays the same.
/// </summary>
/// <param name="clientBuilder">Supplies the Stormpath client under test.</param>
public async Task Refreshing_access_token_with_instance(TestClientProvider clientBuilder)
{
    var client = clientBuilder.GetClient();
    var tenant = await client.GetCurrentTenantAsync();

    // Create a throwaway application for this run and register it for fixture cleanup.
    var appName = $".NET IT {this.fixture.TestRunIdentifier}-{clientBuilder.Name} Getting Refresh Token for Application";
    var app = await tenant.CreateApplicationAsync(appName, createDirectory: false);
    app.Href.ShouldNotBeNullOrEmpty();
    this.fixture.CreatedApplicationHrefs.Add(app.Href);

    // Wire the shared test directory into the application so its accounts can log in.
    await app.AddAccountStoreAsync(this.fixture.PrimaryDirectoryHref);

    // Obtain the initial token pair with a password grant (test-fixture credentials).
    var passwordGrant = OauthRequests.NewPasswordGrantRequest()
        .SetLogin("*****@*****.**")
        .SetPassword("whataPieceofjunk$1138")
        .SetAccountStore(this.fixture.PrimaryDirectoryHref)
        .Build();
    var passwordAuthenticator = app.NewPasswordGrantAuthenticator();
    var originalGrantResult = await passwordAuthenticator.AuthenticateAsync(passwordGrant);

    // Locate the refresh token resource issued for this application.
    var account = await tenant.GetAccountAsync(this.fixture.PrimaryAccountHref);
    var refreshTokenQuery = account
        .GetRefreshTokens()
        .Where(x => x.ApplicationHref == app.Href);
    var refreshToken = await refreshTokenQuery.SingleOrDefaultAsync();
    refreshToken.ShouldNotBeNull();

    // Exchange the refresh token resource for a new access token.
    var refreshGrant = OauthRequests.NewRefreshGrantRequest()
        .SetRefreshToken(refreshToken)
        .Build();
    var refreshAuthenticator = app.NewRefreshGrantAuthenticator();
    var refreshGrantResult = await refreshAuthenticator.AuthenticateAsync(refreshGrant);

    // A new access token is minted; the refresh token is reused.
    refreshGrantResult.AccessTokenHref.ShouldNotBe(originalGrantResult.AccessTokenHref);
    refreshGrantResult.AccessTokenString.ShouldNotBe(originalGrantResult.AccessTokenString);
    refreshGrantResult.RefreshTokenString.ShouldBe(originalGrantResult.RefreshTokenString);

    // Clean up
    var refreshTokenDeleted = await refreshToken.DeleteAsync();
    refreshTokenDeleted.ShouldBeTrue();
    var appDeleted = await app.DeleteAsync();
    appDeleted.ShouldBeTrue();
    this.fixture.CreatedApplicationHrefs.Remove(app.Href);
}
/// <summary>
/// Performs the refresh grant for the configured application and writes the sanitized
/// grant result to the OWIN response as JSON.
/// </summary>
/// <param name="context">The OWIN environment of the current request.</param>
/// <param name="client">The Stormpath client used to load the configured application.</param>
/// <param name="refreshToken">The refresh token presented by the caller.</param>
/// <param name="cancellationToken">Cancels the upstream Stormpath calls.</param>
/// <returns>The result of <c>JsonResponse.Ok</c> after the response has been written.</returns>
/// <remarks>
/// No exception is caught here: a rejected or malformed token propagates to the caller,
/// which presumably maps it to an error response — confirm at the call site.
/// </remarks>
private async Task<bool> ExecuteRefreshFlow(IOwinEnvironment context, IClient client, string refreshToken, CancellationToken cancellationToken)
{
    var applicationHref = _configuration.Application.Href;
    var application = await client.GetApplicationAsync(applicationHref, cancellationToken);

    var grantRequest = OauthRequests.NewRefreshGrantRequest()
        .SetRefreshToken(refreshToken)
        .Build();

    var authenticator = application.NewRefreshGrantAuthenticator();
    var grantResult = await authenticator.AuthenticateAsync(grantRequest, cancellationToken);

    // The sanitizer shapes the grant result for the wire (presumably dropping fields the
    // client should not receive — verify against GrantResultResponseSanitizer).
    var sanitizer = new GrantResultResponseSanitizer();
    var payload = sanitizer.SanitizeResponseWithRefreshToken(grantResult);

    var written = await JsonResponse.Ok(context, payload).ConfigureAwait(false);
    return written;
}
/// <summary>
/// Integration test (sync API): the refresh token string from a password grant can be
/// exchanged for a new access token while the refresh token itself stays the same.
/// </summary>
/// <param name="clientBuilder">Supplies the Stormpath client under test.</param>
public void Refreshing_access_token_with_jwt(TestClientProvider clientBuilder)
{
    var client = clientBuilder.GetClient();
    var tenant = client.GetCurrentTenant();

    // Create a throwaway application for this run and register it for fixture cleanup.
    var appName = $".NET IT {this.fixture.TestRunIdentifier}-{clientBuilder.Name} Refreshing Access Token - Sync";
    var app = tenant.CreateApplication(appName, createDirectory: false);
    app.Href.ShouldNotBeNullOrEmpty();
    this.fixture.CreatedApplicationHrefs.Add(app.Href);

    // Wire the shared test directory into the application so its accounts can log in.
    app.AddAccountStore(this.fixture.PrimaryDirectoryHref);

    // Obtain the initial token pair with a password grant (test-fixture credentials).
    var passwordGrant = OauthRequests.NewPasswordGrantRequest()
        .SetLogin("*****@*****.**")
        .SetPassword("whataPieceofjunk$1138")
        .SetAccountStore(this.fixture.PrimaryDirectoryHref)
        .Build();
    var passwordAuthenticator = app.NewPasswordGrantAuthenticator();
    var originalGrantResult = passwordAuthenticator.Authenticate(passwordGrant);

    // Exchange the raw refresh token JWT for a new access token.
    var refreshGrant = OauthRequests.NewRefreshGrantRequest()
        .SetRefreshToken(originalGrantResult.RefreshTokenString)
        .Build();
    var refreshAuthenticator = app.NewRefreshGrantAuthenticator();
    var refreshGrantResult = refreshAuthenticator.Authenticate(refreshGrant);

    // A new access token is minted; the refresh token is reused.
    refreshGrantResult.AccessTokenHref.ShouldNotBe(originalGrantResult.AccessTokenHref);
    refreshGrantResult.AccessTokenString.ShouldNotBe(originalGrantResult.AccessTokenString);
    refreshGrantResult.RefreshTokenString.ShouldBe(originalGrantResult.RefreshTokenString);

    // Clean up
    var appDeleted = app.Delete();
    appDeleted.ShouldBeTrue();
    this.fixture.CreatedApplicationHrefs.Remove(app.Href);
}