public async Task <IActionResult> Refresh([FromBody] TokenRefreshRequest request)
{
var authResponse = await _identityRepository.RefreshTokenAsync(request.Token, request.RefreshToken);
if (!authResponse.Success)
{
return(BadRequest(new AuthFailResponse
{
Errors = authResponse.Errors
}));
}
return(Ok(new AuthSuccessResponse
{
Token = authResponse.Token,
RefreshToken = authResponse.RefreshToken
}));
}
public async Task <string> RefreshTokenAsync(string token)
{
var tokenRefreshRequest = new TokenRefreshRequest
{
OriginalJWT = token
};
using (var response = await _client.PostAsync(_authOptions.ApiAuthTokenRefreshUrl, tokenRefreshRequest, _jsonSettings))
{
if (!response.IsSuccessStatusCode)
{
_logger.LogInformation($"Token refresh failed. Response status code: {response.StatusCode}");
return(null);
}
var tokenRefreshResponse = await response.Content.ReadAsAsync <TokenRefreshResponse>();
return(tokenRefreshResponse.Jwt);
}
}
protected async Task <string> GetAccessToken()
{
if (userRepository != null)
{
if (userRepository.LastLogin.AddSeconds(userRepository.TokenTime) > DateTime.Now.AddSeconds(120))
{
return(userRepository.AccessToken);
}
else
{
TokenRefreshRequest tokenRefreshRequest = new TokenRefreshRequest
{
refreshToken = userRepository.RefreshToken,
};
var res = await _xlinkApi.postUserTokenRefresh(tokenRefreshRequest, userRepository.AccessToken);
userRepository.AccessToken = res.accessToken;
userRepository.TokenTime = int.Parse(res.expireIn);
userRepository.LastLogin = DateTime.Now;
userRepository.RefreshToken = res.refreshToken;
return(userRepository.AccessToken);
}
}
else
{
UserAuthRequest userAuthRequest = new UserAuthRequest
{
};
var res = await _xlinkApi.postUserAuth(userAuthRequest);
userRepository = new UserRepository
{
AccessToken = res.accessToken,
TokenTime = res.expireIn,
LastLogin = DateTime.Now,
RefreshToken = res.refreshToken,
};
return(userRepository.AccessToken);
}
}
public async Task <IActionResult> TokenRefresh([FromBody] TokenRefreshRequest request)
{
var client = _httpClientFactory.CreateClient(HttpClients.ApiGW);
var jsonRequest = JsonConvert.SerializeObject(request);
var stringContent = new StringContent(jsonRequest, UnicodeEncoding.UTF8, "application/json");
var response = await client.PutAsync(API.Auth.PutRefreshToken(_settings.LoginApiUrl, VERSION_API), stringContent);
if (response.StatusCode == HttpStatusCode.BadRequest)
{
return(BadRequest());
}
var result = await response.Content.ReadAsStringAsync();
var authResponse = JsonConvert.DeserializeObject <AuthResponse>(result);
return(Ok(authResponse));
}
/*
* Eğer access token a sahip bir user refresh isteğinde bulunursa refresh edilip yeni token ile islemine devam edebilecek
* user ın token ı var ama expired olmussa ozaman hata dondurecek
*/
public async Task <UserInfo> RefreshToken(TokenRefreshRequest refreshRequest)
{
var tokenHandler = new JwtSecurityTokenHandler();
var readedToken = tokenHandler.ReadJwtToken(refreshRequest.Token);
if (refreshRequest.ExpireTime < DateTime.Now)
{
throw new ArgumentNullException("Token is no longer available ");
}
var user = await _dbContext.Users.SingleOrDefaultAsync(user => user.LoginName == refreshRequest.LoginUser &&
user.Password == refreshRequest.LoginPassword);
if (user == null)
{
return(null);
}
var secretKey = _configuration.GetValue <string>("JwtTokenKey");
var claims = readedToken.Claims;
var singingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secretKey));
var refreshTokenDescription = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
NotBefore = DateTime.Now,
Expires = DateTime.Now.AddMinutes(1),
SigningCredentials = new SigningCredentials(singingKey, SecurityAlgorithms.HmacSha256Signature),
};
var refreshToken = tokenHandler.CreateToken(refreshTokenDescription);
var userInfo = _mapper.Map <UserInfo>(user);
userInfo.ExpireTime = refreshTokenDescription.Expires ?? DateTime.Now.AddHours(1);
userInfo.Token = tokenHandler.WriteToken(refreshToken);
return(userInfo);
}
public IActionResult RefreshToken([FromBody] TokenRefreshRequest tokenRefreshRequest)
{
Logger.Debug("Request: {0}", Framework.Common.SerializeJson.ToObject(tokenRefreshRequest));
DateTime dateRequest = DateTime.Now;
var response = new IResponse <TokenRefreshResponse>();
string correlationId = string.Empty;
try
{
#region Authorization Usuario y Contraseña
if (string.IsNullOrEmpty(Request.Headers["Authorization"]))
{
var validate = Models.Response.Error(null, "NotAuthenticated");
response.Data = null;
response.Message = validate.Message;
response.State = validate.State;
return(Unauthorized(response));
}
AuthenticationHeaderValue authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
var credentials = Encoding.UTF8.GetString(Convert.FromBase64String(authHeader.Parameter)).Split(':');
correlationId = Request.Headers["Correlation-Id"].ToString();
Core.Entity.User user = new Core.Entity.User()
{
Public = tokenRefreshRequest.PublicToken,
UserName = credentials[0],
Password = credentials[1]
};
var userAuthenticate = _user.Authenticate(user);
if (userAuthenticate.Data == null)
{
var validate = Models.Response.Error("NotAuthenticated");
response.Data = null;
response.Message = validate.Message;
response.State = validate.State;
return(Unauthorized(response));
}
Core.Entity.UserPolicy userPolicy = new Core.Entity.UserPolicy()
{
AppUserId = tokenRefreshRequest.AppUserId,
IdUser = ((Core.Entity.User)userAuthenticate.Data).Id
};
Core.Entity.Policy policy = new Core.Entity.Policy()
{
Name = Request.Path.Value
};
var userPolicyAuthorize = _userPolicy.Authorize(userPolicy, policy);
if (userPolicyAuthorize.Data == null)
{
var validate = Models.Response.Error("NotUnauthorized");
response.Data = null;
response.Message = validate.Message;
response.State = validate.State;
return(Unauthorized(response));
}
#endregion
var refreshToken = Request.Cookies["refreshToken"];
string ipAddress = "";
if (Request.Headers.ContainsKey("X-Forwarded-For"))
{
ipAddress = Request.Headers["X-Forwarded-For"];
}
else
{
ipAddress = HttpContext.Connection.RemoteIpAddress.MapToIPv4().ToString();
}
var newRefreshToken = _tokenManager.GenerateRefreshToken(ipAddress, _configuration.GetValue <double>("JwtSettings:TimeExpirationTokenRefresh"));
var refreshTokenUpdate = _refreshToken.RefreshTokenUpdate(tokenRefreshRequest.Email, ipAddress, refreshToken, newRefreshToken.Token);
if (refreshTokenUpdate.Data == null)
{
response.Data = null;
response.State = refreshTokenUpdate.State;
response.Message = refreshTokenUpdate.Message;
return(BadRequest(response));
}
var clientData = (Core.Entity.Client)refreshTokenUpdate.Data;
newRefreshToken.CreationUser = tokenRefreshRequest.AppUserId;
newRefreshToken.EmailClient = tokenRefreshRequest.Email;
var refreshTokenInsertClient = _refreshToken.Insert(newRefreshToken);
if (refreshTokenInsertClient.Data == null)
{
response.Data = null;
response.State = refreshTokenInsertClient.State;
response.Message = refreshTokenInsertClient.Message;
return(BadRequest(response));
}
var refreshTokenRemove = _refreshToken.RemoveOldRefreshTokens(tokenRefreshRequest.Email, _configuration.GetValue <int>("JwtSettings:RefreshTokenTTL"));
var claims = new List <Claim>
{
new Claim(JwtRegisteredClaimNames.Iat, Guid.NewGuid().ToString()),
new Claim(ClaimTypes.Name, clientData.NameComplete),
new Claim(ClaimTypes.Email, clientData.Email),
};
var accessToken = _tokenManager.GenerateAccessToken(claims);
var cookieOptions = new CookieOptions
{
//HttpOnly = true,
Expires = DateTime.UtcNow.AddDays(_configuration.GetValue <double>("JwtSettings:TimeExpirationTokenRefresh")),
SameSite = SameSiteMode.None,
Secure = true,
};
Response.Cookies.Append("refreshToken", newRefreshToken.Token, cookieOptions);
response.Data = new TokenRefreshResponse
{
Email = clientData.Email,
Role = clientData.Role == Core.Entity.Role.Admin ? "Admin" : "User",
Verify = clientData.IsVerified,
RegistredCompleted = clientData.CompleteRegister,
Token = accessToken,
RefreshToken = newRefreshToken.Token
};
response.Message = Models.Response.CommentMenssage("TokenRefreshSuccessful");
response.State = "000";
return(Ok(response));
}
catch (Exception ex)
{
Logger.Error("Message: {0}; Exception: {1}", ex.Message, Framework.Common.SerializeJson.ToObject(ex));
response.Data = null;
response.Message = "Error General";
response.State = "099";
return(BadRequest(response));
}
finally
{
DateTime dateResponse = DateTime.Now;
Core.Entity.ConsumptionHistory consumptionHistory = new Core.Entity.ConsumptionHistory
{
ApiName = Request.Path.Value,
Host = Dns.GetHostName() + ":" + Request.Host.Port,
CorrelationId = correlationId,
AppUserId = tokenRefreshRequest.AppUserId,
Request = Framework.Common.SerializeJson.ToObject(tokenRefreshRequest),
DateRequest = dateRequest,
Response = Framework.Common.SerializeJson.ToObject(response),
DateResponse = dateResponse,
CodeResponse = response.State
};
_consumptionHistory.Insert(consumptionHistory);
Logger.Debug("Request: {0} Response: {1}", tokenRefreshRequest, response);
}
}
/// <summary>
///
/// </summary>
/// <returns></returns>
public async Task RefreshTokenAsync()
{
var loginRequest = new TokenRefreshRequest(ClientId, ClientSecret, AuthTokens.AccessToken);
await LoginInternal(loginRequest);
}
