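/// <summary>
/// Validates an access token / refresh token pair before a refresh is performed.
/// Every rejection is reported through <c>ThrowValidationError("Token", "Invalid token!")</c>,
/// so the client receives the same response regardless of which check failed.
/// </summary>
/// <param name="tokenForRefresh">The access token and refresh token presented by the client.</param>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="tokenForRefresh"/> is null.</exception>
/// <remarks>
/// The checks rely on <c>ThrowValidationError</c> not returning normally (as the original code did);
/// if it only records errors, the later dereferences would fail — confirm against its implementation.
/// </remarks>
public async Task ValidateBeforeTokenRefresh(TokenForRefreshDto tokenForRefresh)
{
    if (tokenForRefresh is null)
    {
        throw new ArgumentNullException(nameof(tokenForRefresh));
    }

    // Signature / lifetime-independent validation happens in the JWT service; a null principal means it failed.
    var validatedToken = _jwtService.GetPrincipalFromToken(tokenForRefresh.Token);
    if (validatedToken is null)
    {
        ThrowValidationError("Token", "Invalid token!");
    }

    // A missing "exp" claim or a non-numeric value is a validation failure, not a server error.
    // SingleOrDefault keeps the original behaviour of failing loudly on a duplicated claim.
    var expClaim = validatedToken.Claims.SingleOrDefault(x => x.Type == JwtRegisteredClaimNames.Exp);
    if (expClaim is null
        || !long.TryParse(expClaim.Value,
                          System.Globalization.NumberStyles.Integer,
                          System.Globalization.CultureInfo.InvariantCulture,
                          out var expiryDateUnix))
    {
        ThrowValidationError("Token", "Invalid token!");
    }

    // "exp" is seconds since the Unix epoch (RFC 7519); FromUnixTimeSeconds replaces the hand-built epoch arithmetic.
    var expiryDateTimeUtc = DateTimeOffset.FromUnixTimeSeconds(expiryDateUnix).UtcDateTime;
    var now = DateTime.UtcNow;

    // Refresh is only permitted once the access token has expired; a still-valid token is rejected
    // with the same opaque message as an invalid one.
    if (expiryDateTimeUtc > now)
    {
        ThrowValidationError("Token", "Invalid token!");
    }

    var jtiClaim = validatedToken.Claims.SingleOrDefault(x => x.Type == JwtRegisteredClaimNames.Jti);
    if (jtiClaim is null)
    {
        ThrowValidationError("Token", "Invalid token!");
    }
    var jti = jtiClaim.Value;

    // The refresh token must be bound to this exact access token (JwtId == jti), still within its own
    // lifetime, not revoked and not already consumed — otherwise a replayed pair would be accepted.
    var storedRefreshToken = await _refreshTokenRepository.FirstOrDefaultAsync(
        x => x.Token == tokenForRefresh.RefreshToken && x.JwtId == jti);

    if (storedRefreshToken is null
        || now > storedRefreshToken.ExpiryDate
        || storedRefreshToken.Invalidated
        || storedRefreshToken.Used)
    {
        ThrowValidationError("Token", "Invalid token!");
    }
}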
/// <summary>
/// Exchanges an access token / refresh token pair for a newly issued pair.
/// </summary>
/// <param name="tokenForRefresh">The access token and refresh token presented by the client.</param>
/// <returns>200 OK carrying the new token pair produced by the auth service.</returns>
public async Task<IActionResult> RefreshToken(TokenForRefreshDto tokenForRefresh)
{
    // Validation runs first; the refresh below is only reached when the validator returns normally
    // (it is assumed to signal rejection by throwing — confirm against its implementation).
    await _authValidatorService.ValidateBeforeTokenRefresh(tokenForRefresh);

    var refreshedPair = await _authService.RefreshToken(tokenForRefresh);
    return Ok(refreshedPair);
}
/// <summary>
/// Issues a new access token for the presented refresh token.
/// </summary>
/// <param name="data">Carries the refresh token in <c>refreshToken</c>; the access token field is not read here.</param>
/// <returns>200 OK with the new access token and the refresh token the client sent.</returns>
/// <remarks>
/// NOTE(review): the response echoes <c>data.refreshToken</c> unchanged, so no refresh-token rotation
/// takes place in this action; whether the service invalidates or rotates it elsewhere is not visible here.
/// </remarks>
public async Task<ActionResult<JwtForClientDto>> Refresh(TokenForRefreshDto data)
{
    var accessToken = await _AuthService.CreateJwtFromRefreshToken(data.refreshToken);

    var response = new JwtForClientDto
    {
        AccessToken = accessToken,
        RefreshToken = data.refreshToken,
    };

    return Ok(response);
}
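/// <summary>
/// Rotates a token pair: marks the presented refresh token as used and issues a new access/refresh
/// pair for the user named in the access token. No validation of the pair is performed here;
/// callers are expected to validate it first.
/// </summary>
/// <param name="tokenForRefresh">The access token and the refresh token bound to it.</param>
/// <returns>A newly generated access token and refresh token for the same user.</returns>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="tokenForRefresh"/> is null.</exception>
/// <exception cref="InvalidOperationException">
/// Thrown when the access token yields no principal or the user it references cannot be found.
/// </exception>
public async Task<TokenAndRefreshTokenPairDto> RefreshToken(TokenForRefreshDto tokenForRefresh)
{
    if (tokenForRefresh is null)
    {
        throw new ArgumentNullException(nameof(tokenForRefresh));
    }

    var validatedToken = _jwtService.GetPrincipalFromToken(tokenForRefresh.Token);
    if (validatedToken is null)
    {
        // Fail explicitly rather than letting GetJtiFromToken dereference a null principal.
        throw new InvalidOperationException("The access token could not be validated.");
    }

    var jti = _jwtService.GetJtiFromToken(validatedToken);

    // Resolve the user before marking the refresh token, so a missing user leaves no pending "used" mark behind
    // and the pair generation below is never called with a null user.
    var user = await _userManager.FindByIdAsync(_jwtService.GetUserIdFromToken(validatedToken));
    if (user is null)
    {
        throw new InvalidOperationException("The user referenced by the access token does not exist.");
    }

    // commit: false — the change is left pending; persisting it is presumably part of generating the new pair (confirm).
    await _refreshTokenService.MarkAsUsed(tokenForRefresh.RefreshToken, jti, commit: false);

    return await _jwtService.GenerateTokenAndRefreshTokenPair(user);
}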
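/// <summary>
/// Refreshes a session: verifies that the presented refresh token matches the one stored on the user
/// named by the expired access token, then issues and stores a new access/refresh pair.
/// </summary>
/// <param name="tokenForRefresh">The expired access token and the refresh token presented by the client.</param>
/// <returns>200 with <c>{ token, refreshToken }</c> for the new pair.</returns>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="tokenForRefresh"/> is null.</exception>
/// <exception cref="SecurityTokenException">
/// Thrown when the principal has no name, the user does not exist, or the refresh token does not match the stored one.
/// </exception>
public async Task<IActionResult> Refresh(TokenForRefreshDto tokenForRefresh)
{
    if (tokenForRefresh is null)
    {
        throw new ArgumentNullException(nameof(tokenForRefresh));
    }

    var principal = GetPrincipalFromExpiredToken(tokenForRefresh.Token);
    var username = principal?.Identity?.Name;
    if (string.IsNullOrEmpty(username))
    {
        throw new SecurityTokenException("Invalid refresh token");
    }

    var user = await _userManager.FindByNameAsync(username);
    if (user is null)
    {
        // Previously a null user would surface as a NullReferenceException on user.RefreshToken.
        throw new SecurityTokenException("Invalid refresh token");
    }

    var savedRefreshToken = user.RefreshToken; //retrieve the refresh token from a data store
    if (!RefreshTokensMatch(savedRefreshToken, tokenForRefresh.RefreshToken))
    {
        throw new SecurityTokenException("Invalid refresh token");
    }

    var newJwtToken = GenerateJwtToken(user);
    var newRefreshToken = GenerateRefreshToken();

    // Rotation: the old refresh token is replaced, so it cannot be presented again.
    user.RefreshToken = newRefreshToken;
    await _userManager.UpdateAsync(user);

    return new ObjectResult(new { token = newJwtToken, refreshToken = newRefreshToken });
}

/// <summary>
/// Compares the stored and presented refresh tokens without short-circuiting on the first differing byte.
/// A missing value on either side never matches — unlike the plain <c>!=</c> this replaces, which
/// treated a user with no stored token and a client sending no token as equal.
/// </summary>
private static bool RefreshTokensMatch(string stored, string presented)
{
    if (stored is null || presented is null)
    {
        return false;
    }

    var storedBytes = System.Text.Encoding.UTF8.GetBytes(stored);
    var presentedBytes = System.Text.Encoding.UTF8.GetBytes(presented);

    // FixedTimeEquals (netcoreapp2.1+ / netstandard2.1+) handles differing lengths and runs in time
    // independent of where the inputs diverge.
    return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(storedBytes, presentedBytes);
}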