public async Task <RefreshAccessTokenResponse> RefreshAccessToken(RefreshAccessTokenRequest request) { var doc = await GetDiscoveryDocument(); var response = await _httpClient.RequestRefreshTokenAsync(new RefreshTokenRequest { Address = doc.TokenEndpoint, ClientId = _options.ClientId, ClientSecret = _options.ClientSecret, Scope = _options.Scope, RefreshToken = request.RefreshToken, }); if (response.IsError) { throw new AuthorizeFailedException(response.Error, response.Exception); } return(new RefreshAccessTokenResponse { AccessToken = response.AccessToken, Type = response.TokenType, ExpiresIn = response.ExpiresIn, RefreshToken = response.RefreshToken }); }
public void ToRestRequestReturnsRestRequestWithCorrectParameters() { // Arrange var tokensUri = new Uri("/tokens", UriKind.Relative); var refreshAccessTokenRequest = new RefreshAccessTokenRequest(RefreshToken, ClientId, ClientSecret); // Act var restRequest = refreshAccessTokenRequest.ToRestRequest(tokensUri); // Assert var expectedParameters = new List <Parameter> { new Parameter { Name = "grant_type", Value = "refresh_token", Type = ParameterType.GetOrPost }, new Parameter { Name = "client_id", Value = ClientId, Type = ParameterType.GetOrPost }, new Parameter { Name = "client_secret", Value = ClientSecret, Type = ParameterType.GetOrPost }, new Parameter { Name = "refresh_token", Value = RefreshToken, Type = ParameterType.GetOrPost } }; Assert.Equal(expectedParameters, restRequest.Parameters, new ParameterEqualityComparer()); }
public async Task <IActionResult> RefreshAccessToken([FromBody] RefreshAccessTokenRequest request, CancellationToken cancellationToken) { var response = await new OAuthClient().RequestToken( new AuthorizationCodeRefreshRequest(_SpotifyConfiguration.ClientId, _SpotifyConfiguration.ClientSecret, request.RefreshToken)); return(Ok(response)); }
private async Task RefreshAccessToken() { var request = new RefreshAccessTokenRequest { RefreshToken = _token.RefreshToken, }; var response = await _client.RefreshAccessToken(request); _token = _mapper.Map(response); }
public void ToRestRequestWithNullTokensUriThrowsArgumentNullException() { // Arrange Uri tokensUri = null; var refreshAccessTokenRequest = new RefreshAccessTokenRequest(RefreshToken, ClientId, ClientSecret); // Act // Assert Assert.Throws <ArgumentNullException>(() => refreshAccessTokenRequest.ToRestRequest(tokensUri)); }
public async Task <AccessTokenResponse> RefreshToken([FromBody] RefreshAccessTokenRequest credentials) { var currentUser = await _userManager.FindByIdAsync(credentials.UserId); if (currentUser?.RefreshToken != credentials.RefreshToken) { throw new DomainException(ErrorCode.InvalidRefreshToken, "Invalid refresh token"); } return(CreateToken(currentUser)); }
public void ToRestRequestReturnsRestRequestWithMethodIsPost() { // Arrange var tokensUri = new Uri("/tokens", UriKind.Relative); var refreshAccessTokenRequest = new RefreshAccessTokenRequest(RefreshToken, ClientId, ClientSecret); // Act var restRequest = refreshAccessTokenRequest.ToRestRequest(tokensUri); // Assert Assert.Equal(Method.POST, restRequest.Method); }
public void ToRestRequestReturnsRestRequestWithSpecifiedTokensUri() { // Arrange var tokensUri = new Uri("/tokens", UriKind.Relative); var refreshAccessTokenRequest = new RefreshAccessTokenRequest(RefreshToken, ClientId, ClientSecret); // Act var restRequest = refreshAccessTokenRequest.ToRestRequest(tokensUri); // Assert Assert.Equal(tokensUri.ToString(), restRequest.Resource); }
public async Task <string> GenerateAccessTokenWithRefressToken(RefreshAccessTokenRequest refreshRequest) { AppUser user = await GetUserByAccessToken(refreshRequest.AccessToken); if (user != null && ValidateRefreshToken(user, refreshRequest.RefreshToken)) { var u = user.RefreshToken.ExpiryDate.Subtract(DateTime.UtcNow); if (u.TotalDays < 2) { user.RefreshToken.ExpiryDate = DateTime.UtcNow.AddDays(7); } return(GenerateAccessToken(user)); } return(null); }
public async Task <IActionResult> RefreshToken([FromBody] RefreshAccessTokenRequest request) { var newAccessToken = await _tokenService.RefreshAccessToken(request.AccessToken, request.RefreshToken).ConfigureAwait(false); if (newAccessToken is null) { return(Forbid()); } return(Ok(new AccessTokenResponse { AccessToken = newAccessToken.Token, AccessTokenExpiresAt = newAccessToken.ExpiresAt.ToString("s"), RefreshToken = newAccessToken.RefreshToken })); }
public async Task <IActionResult> GetRefreshTokenByAccessToken([FromBody] RefreshAccessTokenRequest accessToken) { var refreshToken = await _userService.GetRefreshTokenByAccessToken(accessToken.AccessToken); if (refreshToken != null) { return(Ok(new ResponseBase <RefreshToken>() { data = refreshToken })); } return(Ok(new ResponseBase <string>() { msg = "Invalid access token" })); }
public async Task <IActionResult> RefreshToken([FromBody] RefreshAccessTokenRequest refreshRequest) { string newAccessToken = await _userService.GenerateAccessTokenWithRefressToken(refreshRequest); if (!String.IsNullOrEmpty(newAccessToken)) { return(Ok(new ResponseBase <string>() { data = newAccessToken })); } return(Ok(new ResponseBase <string>() { msg = "User not found or Refresh Token is invalid" })); }
private ZebrunnerApiClient() { _restClient = new RestClient(Configuration.GetServerHost()); _restClient.UseNewtonsoftJson(); var requestBody = new RefreshAccessTokenRequest { RefreshToken = Configuration.GetAccessToken() }; var request = new RestRequest(Iam("/v1/auth/refresh"), DataFormat.Json); request.AddJsonBody(requestBody); var response = _restClient.Post <RefreshAccessTokenResponse>(request); _restClient.Authenticator = new JwtAuthenticator(response.Data.AuthToken); _authenticationToken = response.Data.AuthToken; }
private TelekomJsonWebRequest <AccessTokenResponse> CreateRefreshAccessTokenWebRequest() { if (!HasRefreshToken()) { throw new InvalidOperationException("Cannot refresh without a refresh token"); } string uri = BaseUrl + "/tokens"; var request = new RefreshAccessTokenRequest() { ClientId = ClientId, ClientSecret = ClientSecret, GrantType = "refresh_token", RefreshToken = RefreshToken }; var webRequest = new TelekomJsonWebRequest <AccessTokenResponse>(uri, HttpMethod.POST); request.BuildRequestParameters(webRequest); return(webRequest); }
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline. public void Configure(IApplicationBuilder app, IWebHostEnvironment env) { if (env.IsDevelopment()) { app.UseDeveloperExceptionPage(); } else { app.UseExceptionHandler("/Home/Error"); app.UseHsts(); } app.UseExceptionHandler("/Home/Error"); app.UseAuthentication(); app.UseHttpsRedirection(); app.UseSession(); app.UseStaticFiles(); app.UseRouting(); app.UseAuthorization(); app.Use(async(context, next) => { // Kiem tra accessToken va gia han var refreshToken = CookieEncoder.DecodeToken(context.Request.Cookies["refresh_token_cookie"]); var accessToken = CookieEncoder.DecodeToken(context.Request.Cookies["access_token_cookie"]); // Lay refreshToken by accessToken if (string.IsNullOrEmpty(refreshToken)) { if (string.IsNullOrEmpty(accessToken)) { context.Response.Cookies.Delete("Asp_Authentication"); //await next(); } else { HttpClient client = new HttpClient(); client.BaseAddress = new Uri(ConstStrings.BASE_URL_API); client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken); RefreshAccessTokenRequest RenewAccessTokenRequest = new RefreshAccessTokenRequest(); RenewAccessTokenRequest.AccessToken = accessToken; var json = JsonConvert.SerializeObject(RenewAccessTokenRequest); var httpContent = new StringContent(json, Encoding.UTF8, "application/json"); var responseMessage = await client.PostAsync("/api/Users/GetRefreshToken", httpContent); if (responseMessage.IsSuccessStatusCode) { var body = await responseMessage.Content.ReadAsStringAsync(); ResponseBase <RefreshToken> refreshTokenOfUser = JsonConvert.DeserializeObject <ResponseBase <RefreshToken> >(body); if (refreshTokenOfUser.data == null || string.IsNullOrEmpty(refreshTokenOfUser.data.Token)) { //context.Response.Cookies.Delete("access_token_cookie"); context.Response.Cookies.Delete("Asp_Authentication"); } else { refreshToken = refreshTokenOfUser.data.Token; context.Response.Cookies.Append("refresh_token_cookie", CookieEncoder.EncodeToken(refreshTokenOfUser.data.Token), new CookieOptions() { Expires = DateTime.UtcNow.AddDays(8), HttpOnly = true, Secure = true }); } } } } // ------------------------------- var IsPersistent = context.Session.GetInt32("IsPersistent"); if (IsPersistent == 1) { // Gia han SecurityToken validatedToken; TokenValidationParameters parameters = new TokenValidationParameters(); parameters.ClockSkew = TimeSpan.FromSeconds(5); parameters.ValidateLifetime = true; parameters.RequireExpirationTime = true; parameters.ValidAudience = Configuration["Tokens:Issuer"]; parameters.ValidIssuer = Configuration["Tokens:Issuer"]; parameters.IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["Tokens:SecretKey"])); try { JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler(); tokenHandler.ValidateToken(accessToken, parameters, out validatedToken); var tokenExpiresAt = validatedToken.ValidTo; if (tokenExpiresAt.Subtract(DateTime.UtcNow).TotalDays < 1) { // gia han bang refreshToken RefreshAccessTokenRequest refreshAccessTokenRequest = new RefreshAccessTokenRequest(); refreshAccessTokenRequest.AccessToken = accessToken; refreshAccessTokenRequest.RefreshToken = refreshToken; HttpClient client = new HttpClient(); client.BaseAddress = new Uri(ConstStrings.BASE_URL_API); client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken); var refreshTokenJSON = JsonConvert.SerializeObject(refreshAccessTokenRequest); var content = new StringContent(refreshTokenJSON, Encoding.UTF8, "application/json"); var response = await client.PostAsync("/api/users/RefreshToken/", content); if (response.IsSuccessStatusCode) { var responseBody = await response.Content.ReadAsStringAsync(); ResponseBase <string> newAccessToken = JsonConvert.DeserializeObject <ResponseBase <string> >(responseBody); if (newAccessToken.msg != null) { context.Response.Cookies.Delete("Asp_Authentication"); } accessToken = newAccessToken.data; context.Response.Cookies.Append("access_token_cookie", CookieEncoder.EncodeToken(newAccessToken.data), new CookieOptions() { Expires = DateTime.UtcNow.AddDays(4), HttpOnly = true, Secure = true }); } } } catch (Exception) { context.Response.Cookies.Delete("Asp_Authentication"); } } // lay avatar url if (context.User != null) { var uid = context.User.FindFirst("UserID"); if (uid != null) { try { HttpClient client = new HttpClient(); client.BaseAddress = new Uri(ConstStrings.BASE_URL_API); client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken); var avatar = await client.GetAsync("/api/users/" + uid.Value); if (avatar.IsSuccessStatusCode) { var body = await avatar.Content.ReadAsStringAsync(); ResponseBase <AppUser> user = JsonConvert.DeserializeObject <ResponseBase <AppUser> >(body); if (user == null || !user.data.isActive) { context.Response.Cookies.Delete("Asp_Authentication"); } else { Global.Avatar_Url = user.data.Avatar; } } } catch (Exception) { context.Response.Cookies.Delete("Asp_Authentication"); } } } else { context.Response.Cookies.Delete("Asp_Authentication"); } //============= await next(); }); app.UseEndpoints(endpoints => { endpoints.MapAreaControllerRoute( name: "AdminArea", areaName: "Admin", pattern: "Admin/{controller=Home}/{action=Index}/{id?}"); endpoints.MapAreaControllerRoute( name: "UserArea", areaName: "User", pattern: "User/{controller=Home}/{action=Index}/{id?}"); endpoints.MapControllerRoute( name: "default", pattern: "{controller=Home}/{action=Index}/{id?}"); }); }
public async Task <string> RefreshAccessTokenAsync(RefreshAccessTokenRequest request) { var user = _userService.GetUserByUserName(request.RefreshToken.UserName); return(await CreateAccessToken(user)); }