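/// <summary>
/// Exchanges the stored refresh token for a new token set at the provider's token endpoint
/// and re-issues the sign-in with the updated tokens.
/// </summary>
/// <remarks>
/// The request carries a <c>client_secret</c> produced by <c>EsiaExtensions.SignData</c> over
/// scope, timestamp, client id and state. The response is accepted only when it echoes the
/// same state value that was sent.
/// </remarks>
/// <exception cref="ArgumentNullException">No refresh token is stored for the current session.</exception>
/// <exception cref="ArgumentException">The state echoed by the token endpoint differs from the one sent.</exception>
/// <exception cref="HttpRequestException">The token endpoint returned a non-success status code.</exception>
/// <exception cref="InvalidOperationException">The token response contains no access token.</exception>
public async Task RefreshTokensAsync()
{
    var refreshToken = await context.GetTokenAsync(OpenIdConnectParameterNames.RefreshToken);
    if (string.IsNullOrEmpty(refreshToken))
    {
        throw new ArgumentNullException(nameof(refreshToken));
    }

    // This is what [Authorize] calls
    var userResult = await context.AuthenticateAsync();
    var user = userResult.Principal;
    var props = userResult.Properties;
    var options = optionsMonitor.Get(props.Items[".AuthScheme"]);

    var now = DateTimeOffset.Now;
    var scope = string.Join(" ", options.Scope);

    // The timestamp is part of the signed data, so it must not depend on the thread culture:
    // in a custom format string ':' is the culture's time separator and the calendar is the
    // culture's calendar. Formatting with the invariant culture keeps the value stable.
    var timestamp = now.ToString("yyyy.MM.dd HH:mm:ss", CultureInfo.InvariantCulture)
        + " "
        + now.ToString("zzz", CultureInfo.InvariantCulture).Replace(":", "");

    var clientId = options.ClientId;
    var state = Guid.NewGuid().ToString();
    var clientSecret = EsiaExtensions.SignData(esiaSigner, esiaOptions, scope, timestamp, clientId, state);

    var pairs = new Dictionary<string, string>()
    {
        { "client_id", options.ClientId },
        { "client_secret", clientSecret },
        { "scope", scope },
        { "timestamp", timestamp },
        { "state", state },
        { "grant_type", "refresh_token" },
        { "refresh_token", refreshToken }
    };

    JObject payload;

    // Dispose the request content and the response once the body has been read.
    using (var content = new FormUrlEncodedContent(pairs))
    using (var tokenResponse = await options.Backchannel.PostAsync(options.Configuration.TokenEndpoint, content, context.RequestAborted))
    {
        tokenResponse.EnsureSuccessStatusCode();
        payload = JObject.Parse(await tokenResponse.Content.ReadAsStringAsync());
    }

    // Bind the response to this request: reject it unless the echoed state matches exactly.
    var stateReceived = payload.Value<string>("state");
    if (!string.Equals(state, stateReceived, StringComparison.Ordinal))
    {
        throw new ArgumentException("The state returned by the token endpoint does not match the state that was sent.", nameof(state));
    }

    // Fail closed: a successful response without an access token must not overwrite the
    // stored token with null and then be persisted by SignInAsync.
    var newAccessToken = payload.Value<string>("access_token");
    if (string.IsNullOrEmpty(newAccessToken))
    {
        throw new InvalidOperationException("The token endpoint response does not contain an access token.");
    }

    props.UpdateTokenValue("access_token", newAccessToken);

    // If the response carries no refresh_token, keep the stored one instead of replacing it
    // with null, which would make the next refresh fail.
    var newRefreshToken = payload.Value<string>("refresh_token");
    if (!string.IsNullOrEmpty(newRefreshToken))
    {
        props.UpdateTokenValue("refresh_token", newRefreshToken);
    }

    if (int.TryParse(payload.Value<string>("expires_in"), NumberStyles.Integer, CultureInfo.InvariantCulture, out var seconds))
    {
        var expiresAt = DateTimeOffset.UtcNow + TimeSpan.FromSeconds(seconds);
        props.UpdateTokenValue("expires_at", expiresAt.ToString("o", CultureInfo.InvariantCulture));
    }

    // Re-issue the sign-in so the updated tokens are persisted with the session.
    await context.SignInAsync(user, props);
}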
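/// <summary>
/// Event raised when the user is redirected to the identity provider.
/// </summary>
/// <remarks>
/// Adds the <c>access_type</c> and <c>timestamp</c> parameters, assigns a fresh state value and
/// sets <c>ClientSecret</c> to the result of <c>EsiaExtensions.SignData</c> over scope,
/// timestamp, client id and state.
/// </remarks>
/// <param name="context">Redirect context whose protocol message is extended and signed.</param>
/// <returns>The task returned by <c>AddAdditionalParametersForReceivingAccessCode</c>.</returns>
public override Task RedirectToIdentityProvider(RedirectContext context)
{
    var now = DateTimeOffset.Now;
    var pm = context.ProtocolMessage;

    // The timestamp is part of the signed data, so it must not depend on the thread culture:
    // in a custom format string ':' is the culture's time separator and the calendar is the
    // culture's calendar. Formatting with the invariant culture keeps the value stable.
    var invariant = System.Globalization.CultureInfo.InvariantCulture;
    var timestamp = now.ToString("yyyy.MM.dd HH:mm:ss", invariant)
        + " "
        + now.ToString("zzz", invariant).Replace(":", "");

    // Additional fields for the redirect.
    pm.ResponseType = OpenIdConnectResponseType.Code;
    pm.Parameters.Add("access_type", "offline");
    pm.Parameters.Add("timestamp", timestamp);

    // NOTE(review): the signature below covers the state assigned here. Confirm that this is
    // the value that is actually sent; if the handler rewrites State after this event, the
    // signature no longer covers the transmitted state.
    pm.State = Guid.NewGuid().ToString();

    // Values covered by the signature.
    var scope = pm.Parameters["scope"];
    var clientId = pm.ClientId;
    var state = pm.State;

    pm.ClientSecret = EsiaExtensions.SignData(EsiaSigner, EsiaOptions, scope, timestamp, clientId, state);

    return AddAdditionalParametersForReceivingAccessCode(pm.Parameters);
}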
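/// <summary>
/// Event raised when the authorization code has been received and the access token and/or
/// identity token is about to be requested.
/// </summary>
/// <remarks>
/// Fills in client id, scope, timestamp and a fresh state value on the token endpoint request,
/// then sets <c>ClientSecret</c> to the result of <c>EsiaExtensions.SignData</c> over those
/// four values.
/// </remarks>
/// <param name="context">Context whose token endpoint request is extended and signed.</param>
/// <returns>A completed task.</returns>
public override Task AuthorizationCodeReceived(AuthorizationCodeReceivedContext context)
{
    var now = DateTimeOffset.Now;
    var pm = context.TokenEndpointRequest;

    // The timestamp is part of the signed data, so it must not depend on the thread culture:
    // in a custom format string ':' is the culture's time separator and the calendar is the
    // culture's calendar. Formatting with the invariant culture keeps the value stable.
    var invariant = System.Globalization.CultureInfo.InvariantCulture;
    var timestamp = now.ToString("yyyy.MM.dd HH:mm:ss", invariant)
        + " "
        + now.ToString("zzz", invariant).Replace(":", "");

    // Scopes come from the challenge properties when present, otherwise from the options.
    var requestedScopes = (context.Properties as OpenIdConnectChallengeProperties)?.Scope ?? context.Options.Scope;

    // Additional fields for the token request.
    pm.ClientId = context.Options.ClientId;
    pm.Parameters.Add("scope", string.Join(" ", requestedScopes));
    pm.Parameters.Add("timestamp", timestamp);
    pm.State = Guid.NewGuid().ToString();

    // Values covered by the signature.
    var scope = pm.Parameters["scope"];
    var clientId = pm.ClientId;
    var state = pm.State;

    pm.ClientSecret = EsiaExtensions.SignData(EsiaSigner, EsiaOptions, scope, timestamp, clientId, state);

    return Task.CompletedTask;
}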