/// <summary> /// Create an access token for this account and add it to the list /// of usable tokens. /// </summary> /// <param name="pScope">scope of token (usually 'owner')</param> /// <param name="pParam">an extra uniquifying string to add to generated token</param> /// <returns>The created token</returns> public AuthTokenInfo CreateAccessToken(AuthTokenInfo.ScopeCode pScope, string pParam = "") { AuthTokenInfo authInfo = AuthTokenInfo.NewToken(pScope, pParam); this.AuthTokens.Insert(authInfo); this.Updated(); return(authInfo); }
// Get the authorization information for a particular token. // Returns 'null' if there is no such authorization. public bool TryGetAuthTokenInfo(string pToken, out AuthTokenInfo oAuthToken, AuthTokenInfo.ScopeCode pScope = AuthTokenInfo.ScopeCode.any) { foreach (var authInfo in AuthTokens.Enumerate()) { if (authInfo.Token == pToken && (pScope == AuthTokenInfo.ScopeCode.any || authInfo.Scope == pScope)) { oAuthToken = authInfo; return(true); } } oAuthToken = null; return(false); }
public static AuthTokenInfo NewToken(ScopeCode pScope, string pParam) { // Some quick tokens. Eventually move to JWT tokens. TimeSpan tokenExpirationInterval = new TimeSpan(Context.Params.P <int>(AppParams.P_ACCOUNT_AUTHTOKEN_LIFETIME_HOURS), 0, 0); // int tokenExpirationSeconds = (int)tokenExpirationInterval.TotalSeconds; // string refreshToken = Tools.SHA256Hash(tokenExpirationSeconds.ToString() + ";" + pParam); // string accessToken = Tools.SHA256Hash(DateTime.UtcNow.ToString() + ";" + refreshToken); string refreshToken = Guid.NewGuid().ToString(); string accessToken = Guid.NewGuid().ToString(); AuthTokenInfo authInfo = new AuthTokenInfo(accessToken, refreshToken) { TokenExpirationTime = DateTime.UtcNow + tokenExpirationInterval, Scope = pScope, ExtraParam = pParam }; return(authInfo); }
/// <summary> /// Search this account's access tokens for the one that needs refreshing /// and return a new token to replace it. /// Since the refresh tokens are unique to each token, that is used to /// lookup the one to create a replacement for. /// </summary> /// <param name="pRefreshToken">The refresh authoriation token</param> /// <returns>The created token or 'null' if the refreshing could not happen</returns> public AuthTokenInfo RefreshAccessToken(string pRefreshToken) { AuthTokenInfo ret = null; try { AuthTokenInfo refreshable = this.AuthTokens.Where(tok => { return(pRefreshToken == tok.RefreshToken); }).First(); // If one of the tokens is refreshable, move its expiration forward if (refreshable != null) { TimeSpan tokenExpirationInterval = new TimeSpan(Context.Params.P <int>(AppParams.P_ACCOUNT_AUTHTOKEN_LIFETIME_HOURS), 0, 0); refreshable.TokenExpirationTime = DateTime.UtcNow + tokenExpirationInterval; ret = refreshable; } } catch { // The .Where().First() throws if there is not a refreshable token ret = null; } return(ret); }