public TokenControllerTests()
{
Thread.CurrentPrincipal = new TestPrincipalWrapper(new Claim(ClaimTypes.Email, _properEmail));
_externalLoginInfoInstance = new ExternalLoginInfo((ClaimsPrincipal)Thread.CurrentPrincipal, "Facebook", "providers_key", "some_display_name");
_returnedResponseTokenModel = new TokenResponseViewModel()
{
DisplayName = "foo1",
Email = "foo2",
RefreshToken = "foo3",
Role = "foo4",
Token = "foo5",
User = "******"
};
_properRevokeTokenModel = new RevokeTokenRequestViewModel()
{
UserName = _properName,
Token = _properToken,
RefreshToken = _properToken
};
_properRefreshTokenModel = new RefreshTokenRequestViewModel()
{
Email = _properEmail,
RefreshToken = _properToken
};
_properTokenRequestModel = new TokenRequestViewModel()
{
Email = _properEmail,
Password = _properPassword,
};
_properUser = new AppUser()
{
Email = _properEmail
};
DefaultHttpContext httpContext = new DefaultHttpContext();
TempDataDictionary tempData = new TempDataDictionary(httpContext, Mock.Of <ITempDataProvider>())
{
{ "requestIp", "127.0.0.1" }
};
_tokenServiceMock = new Mock <ITokenService>();
_userServiceMock = new Mock <IUserService>();
_userServiceMock.Setup(mock => mock.GetIpAddress(It.IsAny <DefaultHttpContext>())).Returns("127.0.0.1");
_userServiceMock.Setup(mock => mock.FindUserByEmail(_properEmail)).ReturnsAsync(_properUser);
_userServiceMock.Setup(mock => mock.FindUserByEmail(_wrongEmail)).ReturnsAsync((AppUser)null);
_userServiceMock.Setup(mock => mock.VerifyUsersPassword(It.IsAny <AppUser>(), It.IsAny <string>())).ReturnsAsync(true);
_userServiceMock.Setup(mock => mock.GetUserRoleAsync(It.IsAny <AppUser>())).ReturnsAsync("User");
_userServiceMock.Setup(mock => mock.GetExternalLogin()).ReturnsAsync(_externalLoginInfoInstance);
_userServiceMock.Setup(mock => mock.CreateUserAsync(It.IsAny <UserRegisterViewModel>())).ReturnsAsync(true);
_tokenServiceMock.Setup(mock => mock.GenerateTokenResponse(It.IsAny <AppUser>(), It.IsAny <string>(), It.IsAny <string>())).Returns(_returnedResponseTokenModel);
_tokenServiceMock.Setup(mock => mock.VerifyRefreshToken(It.IsAny <string>(), It.IsAny <string>(), It.IsAny <string>())).Returns(true);
_tokenServiceMock.Setup(mock => mock.RevokeTokens(_properRevokeTokenModel)).Returns(true);
_controller = new TokenController(_tokenServiceMock.Object, _userServiceMock.Object)
{
TempData = tempData
};
}
public IActionResult RevokeToken([FromBody] RevokeTokenRequestViewModel model)
{
if (!_tokenService.RevokeTokens(model))
{
return(new ObjectResult("There was a problem logging the user out correctly.")
{
StatusCode = 500
});
}
return(Ok());
}
public bool RevokeTokens(RevokeTokenRequestViewModel model)
{
try
{
_tokenRepo.DeleteRefreshToken(model.UserName);
CleanUpBlacklistedTokens();
_tokenRepo.AddBlacklistedToken(model.Token);
return(true);
}
catch
{
return(false);
}
}
public IActionResult RevokeToken(RevokeTokenRequestViewModel model)
{
// accept token from request body or cookie
var token = model.Token ?? Request.Cookies["refreshToken"];
if (string.IsNullOrEmpty(token))
{
return(BadRequest(new { message = "Token is required" }));
}
// users can revoke their own tokens and admins can revoke any tokens
if (!Account.OwnsToken(token) && Account.Role != Role.Admin)
{
return(Unauthorized(new { message = "Unauthorized" }));
}
_accountService.RevokeToken(token, ipAddress());
return(Ok(new { message = "Token revoked" }));
}
