예제 #1
    /// <summary>
    /// Checks that <c>UpdateTokenValue</c> only changes tokens that were stored beforehand:
    /// a name that differs only by case ("ONE" vs. "One") and a name that was never stored
    /// both return <c>false</c>, leave no value behind, and do not change the token count.
    /// </summary>
    public void UpdateTokenValueReturnsFalseForUnknownToken()
    {
        // Seed the properties with three known tokens.
        var tokens = new List <AuthenticationToken>
        {
            new AuthenticationToken { Name = "One", Value = "1" },
            new AuthenticationToken { Name = "Two", Value = "2" },
            new AuthenticationToken { Name = "Three", Value = "3" }
        };
        var props = new AuthenticationProperties();
        props.StoreTokens(tokens);

        // "ONE" differs from the stored "One" only by case; "Jigglypuff" was never stored.
        var unknownNames = new[] { "ONE", "Jigglypuff" };

        foreach (var unknown in unknownNames)
        {
            Assert.False(props.UpdateTokenValue(unknown, ".11"));
        }

        // A rejected update must not create the token as a side effect.
        foreach (var unknown in unknownNames)
        {
            Assert.Null(props.GetTokenValue(unknown));
        }

        Assert.Equal(3, props.GetTokens().Count());
    }
예제 #2
    /// <summary>
    /// Checks that <c>UpdateTokenValue</c> succeeds for every token that was stored with
    /// <c>StoreTokens</c>, that the new values are returned by <c>GetTokenValue</c>, and that
    /// updating does not add or remove tokens.
    /// </summary>
    public void CanUpdateTokenValues()
    {
        // Seed the properties with three known tokens.
        var tokens = new List <AuthenticationToken>
        {
            new AuthenticationToken { Name = "One", Value = "1" },
            new AuthenticationToken { Name = "Two", Value = "2" },
            new AuthenticationToken { Name = "Three", Value = "3" }
        };
        var props = new AuthenticationProperties();
        props.StoreTokens(tokens);

        // Names use the exact casing they were stored with; replacements[i] belongs to names[i].
        var names        = new[] { "One", "Two", "Three" };
        var replacements = new[] { ".11", ".22", ".33" };

        for (var i = 0; i < names.Length; i++)
        {
            Assert.True(props.UpdateTokenValue(names[i], replacements[i]));
        }

        for (var i = 0; i < names.Length; i++)
        {
            Assert.Equal(replacements[i], props.GetTokenValue(names[i]));
        }

        Assert.Equal(3, props.GetTokens().Count());
    }
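        /// <summary>
        /// Signs a user in by sending the posted user name and password to the identity provider's
        /// token endpoint (OAuth 2.0 resource owner password credentials grant), validating the
        /// returned access token and issuing the local sign-in.
        /// </summary>
        /// <param name="model">User name and password taken from the request body.</param>
        /// <returns>
        /// 200 once the sign-in has been issued; 401 when the token endpoint reports an error or
        /// when any exception is thrown while processing the request.
        /// </returns>
        /// <remarks>
        /// The password grant exposes the user's password to this application, and the OAuth 2.0
        /// Security Best Current Practice (RFC 9700) says it must not be used; prefer a
        /// redirect-based flow where one is possible. Because this action accepts raw credentials,
        /// it needs the same throttling and lockout protection as a login form; none is visible in
        /// this method.
        /// </remarks>
        public async Task <IActionResult> ResourceOwnerPasswordLogin([FromBody][Required] LoginModel model)
        {
            try
            {
                var configuration = await _oidcOptions.ConfigurationManager.GetConfigurationAsync(default(CancellationToken));

                var client  = _httpClientFactory.CreateClient();
                var request = new PasswordTokenRequest
                {
                    Address      = configuration.TokenEndpoint,
                    ClientId     = _oidcOptions.ClientId,
                    ClientSecret = _oidcOptions.ClientSecret,
                    UserName     = model.UserName,
                    Password     = model.Password,
                    // NOTE(review): this sends the authentication scheme name as the OAuth scope;
                    // confirm that is the scope value the identity provider expects.
                    Scope        = OpenIdConnectDefaults.AuthenticationScheme
                };

                request.Parameters.Add("resource", _oidcOptions.ClientId);

                var response = await client.RequestPasswordTokenAsync(request);

                if (response.IsError)
                {
                    // Message template instead of string interpolation: the values returned by the
                    // token endpoint stay separate structured fields. Only the endpoint's error
                    // fields are logged, never the submitted credentials.
                    _logger.LogWarning("Error RequestPasswordTokenAsync: {Error}, {ErrorDescription} ", response.Error, response.ErrorDescription);
                    return(StatusCode(StatusCodes.Status401Unauthorized));
                }

                // Validate the access token before any session state is built from the response.
                var principal = ValidateAndDecode(response.AccessToken, configuration.SigningKeys, configuration.Issuer, _oidcOptions.ClientId);

                var properties = new AuthenticationProperties();
                if (_oidcOptions.SaveTokens)
                {
                    // UpdateTokenValue only changes tokens that already exist and returns false
                    // otherwise, so on a fresh AuthenticationProperties it stores nothing.
                    // StoreTokens is the call that creates the entries.
                    var tokens = new System.Collections.Generic.List<AuthenticationToken>
                    {
                        new AuthenticationToken { Name = "access_token", Value = response.AccessToken }
                    };

                    // Not every token response carries a refresh token; do not store an empty one.
                    if (!string.IsNullOrEmpty(response.RefreshToken))
                    {
                        tokens.Add(new AuthenticationToken { Name = "refresh_token", Value = response.RefreshToken });
                    }

                    DateTime newExpiresAt = DateTime.UtcNow + TimeSpan.FromSeconds(response.ExpiresIn);
                    tokens.Add(new AuthenticationToken { Name = "expires_at", Value = newExpiresAt.ToString("o", CultureInfo.InvariantCulture) });

                    // NOTE(review): stored tokens travel with the authentication ticket; if the
                    // sign-in scheme is cookie based, confirm the cookie is protected accordingly.
                    properties.StoreTokens(tokens);
                }

                await HttpContext.SignInAsync(principal, properties);

                return(StatusCode(StatusCodes.Status200OK));
            }
            catch (Exception ex)
            {
                // Every failure, including metadata retrieval and token validation, is reported to
                // the caller as 401 so no internal detail reaches the response. The exception is
                // passed as the exception argument so the logger records it with its stack trace.
                _logger.LogWarning(ex, "Error ResourceOwnerPasswordLogin: {error}", ex.Message);
                return(StatusCode(StatusCodes.Status401Unauthorized));
            }
        }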
예제 #4
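        /// <summary>
        /// Reports whether <paramref name="properties"/> holds a usable "access_token" entry. Once
        /// <c>ExpiresUtc</c> has passed, the stored "refresh_token" value is moved into the
        /// "access_token" entry, the "refresh_token" entry is emptied and the expiry is pushed
        /// eight hours ahead.
        /// </summary>
        /// <param name="properties">Authentication properties that carry the stored tokens.</param>
        /// <returns>
        /// <c>true</c> when an access token is present and either has not expired or was replaced;
        /// <c>false</c> when there is no access token, or when it has expired and there is no
        /// refresh token to replace it with.
        /// </returns>
        /// <remarks>
        /// NOTE(review): no token endpoint is called here. The refresh token value itself is
        /// stored as the new access token, and the eight-hour lifetime is assigned locally rather
        /// than taken from an issuer response. Confirm this is what the issuer and the downstream
        /// API expect; a standard refresh exchanges the refresh token at the token endpoint.
        /// </remarks>
        private async Task <bool> RefreshWebToken(AuthenticationProperties properties)
        {
            if (string.IsNullOrEmpty(properties.GetTokenValue("access_token")))
            {
                return(false);
            }

            // A null ExpiresUtc makes the comparison false, so a session without an expiry is
            // treated as still valid and returned unchanged.
            if (!(properties.ExpiresUtc < DateTime.UtcNow))
            {
                return(true);
            }

            string replacement = properties.GetTokenValue("refresh_token");

            // Without this guard an expired session with no refresh token would have its access
            // token overwritten with null or empty, get a fresh eight-hour expiry, and still be
            // reported as valid.
            if (string.IsNullOrEmpty(replacement))
            {
                return(false);
            }

            properties.UpdateTokenValue("access_token", replacement);
            // The refresh token is emptied so the same value cannot be promoted a second time.
            properties.UpdateTokenValue("refresh_token", string.Empty);
            properties.ExpiresUtc = DateTime.UtcNow.AddHours(8);

            return(true);
        }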
        /// <summary>
        /// Updates one stored token on <paramref name="properties"/> and logs the outcome:
        /// a debug entry when the update succeeds, a warning when it does not.
        /// </summary>
        /// <param name="properties">Authentication properties that hold the token.</param>
        /// <param name="tokenName">Name of the token to update.</param>
        /// <param name="tokenValue">New value for the token.</param>
        private void UpdateTokenValue(AuthenticationProperties properties, string tokenName, string tokenValue)
        {
            bool updated = properties.UpdateTokenValue(tokenName, tokenValue);

            // Only the token name is logged; the token value is a credential and stays out of the log.
            if (!updated)
            {
                _logger.LogWarning("Failed to update token {TokenName}", tokenName);
                return;
            }

            _logger.LogDebug("Updated token {TokenName}", tokenName);
        }