private void CreateAuthenticationCode(AuthenticationTokenCreateContext context) { context.SetToken(Guid.NewGuid().ToString("n") + Guid.NewGuid().ToString("n")); RockCache.AddOrUpdate(context.Token, context.SerializeTicket()); }
public Task CreateAsync(AuthenticationTokenCreateContext context) { Create(context); return(Task.FromResult(0)); }
public Task CreateAsync(AuthenticationTokenCreateContext context) => Task.Run(() => Create(context));
public void Create(AuthenticationTokenCreateContext context) { context.SetToken(Guid.NewGuid().ToString("n") + Guid.NewGuid().ToString("n")); _refreshTokens[context.Token] = context.SerializeTicket(); }
public async Task CreateAsync(AuthenticationTokenCreateContext context) { Create(context); }
private void CreateRefreshToken(AuthenticationTokenCreateContext context) { context.SetToken(context.SerializeTicket()); }
private void CreateAuthenticationCode(AuthenticationTokenCreateContext context) { }
public void Create(AuthenticationTokenCreateContext context) { }
public override void Create(AuthenticationTokenCreateContext context) { base.Create(context); }
private void CreateRefreshToken(AuthenticationTokenCreateContext context) { }
public override Task CreateAsync(AuthenticationTokenCreateContext context) { return(base.CreateAsync(context)); }
public override void Create(AuthenticationTokenCreateContext context) { context.SetToken(Guid.NewGuid().ToString("N")); }
private void CreateRefreshToken(AuthenticationTokenCreateContext context) { context.Ticket.Properties.ExpiresUtc = new DateTimeOffset(DateTime.Now.AddHours(ExampleCommon.Constants.REFRESH_TOKEN_EXPIRED_HOURS)); context.SetToken(context.SerializeTicket()); }
/// <summary> /// 生成 authorization_code /// </summary> public override void Create(AuthenticationTokenCreateContext context) { context.SetToken(Guid.NewGuid().ToString("N")); _authenticationCodes[context.Token] = context.SerializeTicket(); }
/// <summary>Create</summary> /// <param name="context">AuthenticationTokenCreateContext</param> public void Create(AuthenticationTokenCreateContext context) { this.CreateAuthenticationCode(context); }
/// <summary> /// 建立 AuthenticationTokenCreateContext /// </summary> /// <param name="context"></param> /// <returns></returns> public async Task CreateAsync(AuthenticationTokenCreateContext context) { var clientid = context.Ticket.Properties.Dictionary["as:client_id"]; if (string.IsNullOrEmpty(clientid)) { return; } //產成的新Token的唯一標別碼,在此使用Guid(有需要再改其它演算法) var refreshTokenId = Guid.NewGuid().ToString("n"); //更新Token的生存時間值,該值將被用於確定新Token有多長的有效期 using (AuthBLL _auth = new AuthBLL()) { var refreshTokenLifeTime = context.OwinContext.Get <string>("as:clientRefreshTokenLifeTime"); //有值延長為2倍,若為null則預設60分鐘 double doubleRefreshTokenLifeTime = 60; bool isDoubleRefreshTokenLifeTime = double.TryParse(refreshTokenLifeTime, out doubleRefreshTokenLifeTime); if (!isDoubleRefreshTokenLifeTime) { doubleRefreshTokenLifeTime = 60; } else { doubleRefreshTokenLifeTime = doubleRefreshTokenLifeTime * 2; } var token = new RefreshToken() { Id = Helper.GetHash(refreshTokenId), ClientId = clientid, Subject = context.Ticket.Identity.Name, IssuedUtc = DateTime.UtcNow, //有效期限(分鐘,有需要再改) ExpiresUtc = DateTime.UtcNow.AddMinutes(doubleRefreshTokenLifeTime) }; context.Ticket.Properties.IssuedUtc = token.IssuedUtc; context.Ticket.Properties.ExpiresUtc = token.ExpiresUtc; //在資料庫中以序列化形式儲存 token.ProtectedTicket = context.SerializeTicket(); //儲存到RefreshTokens資料表中 var result = await _auth.AddRefreshToken(token); if (result) { //建立暫存refreshToken用 var refreshTokenProperties = new AuthenticationProperties(context.Ticket.Properties.Dictionary) { IssuedUtc = context.Ticket.Properties.IssuedUtc, ExpiresUtc = DateTime.UtcNow.AddMinutes(doubleRefreshTokenLifeTime) }; var refreshTokenTicket = new AuthenticationTicket(context.Ticket.Identity, refreshTokenProperties); _refreshTokens.TryAdd(refreshTokenId, refreshTokenTicket); //回傳新的Token context.SetToken(refreshTokenId); } } }
/// <summary>CreateAsync</summary> /// <param name="context">AuthenticationTokenCreateContext</param> /// <returns>Task</returns> public Task CreateAsync(AuthenticationTokenCreateContext context) { return(Task.Factory.StartNew(() => this.CreateAuthenticationCode(context))); }
private static void CreateRefreshToken(AuthenticationTokenCreateContext obj) { // throw new NotImplementedException(); obj.SetToken(obj.SerializeTicket()); }
protected override async Task ApplyResponseGrantAsync() { // only successful results of an authorize request are altered if (_clientContext == null || _authorizeEndpointRequest == null || Response.StatusCode != 200) { return; } // only apply with signin of matching authentication type AuthenticationResponseGrant signin = Helper.LookupSignIn(Options.AuthenticationType); if (signin == null) { return; } var returnParameter = new Dictionary <string, string>(); if (_authorizeEndpointRequest.IsAuthorizationCodeGrantType) { DateTimeOffset currentUtc = Options.SystemClock.UtcNow; signin.Properties.IssuedUtc = currentUtc; signin.Properties.ExpiresUtc = currentUtc.Add(Options.AuthorizationCodeExpireTimeSpan); // associate client_id with all subsequent tickets signin.Properties.Dictionary[Constants.Extra.ClientId] = _authorizeEndpointRequest.ClientId; if (!string.IsNullOrEmpty(_authorizeEndpointRequest.RedirectUri)) { // keep original request parameter for later comparison signin.Properties.Dictionary[Constants.Extra.RedirectUri] = _authorizeEndpointRequest.RedirectUri; } var context = new AuthenticationTokenCreateContext( Context, Options.AuthorizationCodeFormat, new AuthenticationTicket(signin.Identity, signin.Properties)); await Options.AuthorizationCodeProvider.CreateAsync(context); string code = context.Token; if (string.IsNullOrEmpty(code)) { _logger.WriteError("response_type code requires an Options.AuthorizationCodeProvider implementing a single-use token."); var errorContext = new OAuthValidateAuthorizeRequestContext(Context, Options, _authorizeEndpointRequest, _clientContext); errorContext.SetError(Constants.Errors.UnsupportedResponseType); await SendErrorRedirectAsync(_clientContext, errorContext); return; } var authResponseContext = new OAuthAuthorizationEndpointResponseContext( Context, Options, new AuthenticationTicket(signin.Identity, signin.Properties), _authorizeEndpointRequest, null, code); await Options.Provider.AuthorizationEndpointResponse(authResponseContext); foreach (var parameter in authResponseContext.AdditionalResponseParameters) { returnParameter[parameter.Key] = parameter.Value.ToString(); } returnParameter[Constants.Parameters.Code] = code; if (!String.IsNullOrEmpty(_authorizeEndpointRequest.State)) { returnParameter[Constants.Parameters.State] = _authorizeEndpointRequest.State; } string location = string.Empty; if (_authorizeEndpointRequest.IsFormPostResponseMode) { location = Options.FormPostEndpoint.ToString(); returnParameter[Constants.Parameters.RedirectUri] = _clientContext.RedirectUri; } else { location = _clientContext.RedirectUri; } foreach (var key in returnParameter.Keys) { location = WebUtilities.AddQueryString(location, key, returnParameter[key]); } Response.Redirect(location); } else if (_authorizeEndpointRequest.IsImplicitGrantType) { string location = _clientContext.RedirectUri; DateTimeOffset currentUtc = Options.SystemClock.UtcNow; signin.Properties.IssuedUtc = currentUtc; signin.Properties.ExpiresUtc = currentUtc.Add(Options.AccessTokenExpireTimeSpan); // associate client_id with access token signin.Properties.Dictionary[Constants.Extra.ClientId] = _authorizeEndpointRequest.ClientId; var accessTokenContext = new AuthenticationTokenCreateContext( Context, Options.AccessTokenFormat, new AuthenticationTicket(signin.Identity, signin.Properties)); await Options.AccessTokenProvider.CreateAsync(accessTokenContext); string accessToken = accessTokenContext.Token; if (string.IsNullOrEmpty(accessToken)) { accessToken = accessTokenContext.SerializeTicket(); } DateTimeOffset?accessTokenExpiresUtc = accessTokenContext.Ticket.Properties.ExpiresUtc; var appender = new Appender(location, '#'); appender .Append(Constants.Parameters.AccessToken, accessToken) .Append(Constants.Parameters.TokenType, Constants.TokenTypes.Bearer); if (accessTokenExpiresUtc.HasValue) { TimeSpan?expiresTimeSpan = accessTokenExpiresUtc - currentUtc; var expiresIn = (long)(expiresTimeSpan.Value.TotalSeconds + .5); appender.Append(Constants.Parameters.ExpiresIn, expiresIn.ToString(CultureInfo.InvariantCulture)); } if (!String.IsNullOrEmpty(_authorizeEndpointRequest.State)) { appender.Append(Constants.Parameters.State, _authorizeEndpointRequest.State); } var authResponseContext = new OAuthAuthorizationEndpointResponseContext( Context, Options, new AuthenticationTicket(signin.Identity, signin.Properties), _authorizeEndpointRequest, accessToken, null); await Options.Provider.AuthorizationEndpointResponse(authResponseContext); foreach (var parameter in authResponseContext.AdditionalResponseParameters) { appender.Append(parameter.Key, parameter.Value.ToString()); } Response.Redirect(appender.ToString()); } }
public override Task CreateAsync(AuthenticationTokenCreateContext context) { //生成的刷新Token可以存储到数据库 context.SetToken(context.SerializeTicket()); return(Task.FromResult(0)); }
private async Task InvokeTokenEndpointAsync() { DateTimeOffset currentUtc = Options.SystemClock.UtcNow; // remove milliseconds in case they don't round-trip currentUtc = currentUtc.Subtract(TimeSpan.FromMilliseconds(currentUtc.Millisecond)); IFormCollection form = await Request.ReadFormAsync(); var clientContext = new OAuthValidateClientAuthenticationContext( Context, Options, form); await Options.Provider.ValidateClientAuthentication(clientContext); if (!clientContext.IsValidated) { _logger.WriteError("clientID is not valid."); if (!clientContext.HasError) { clientContext.SetError(Constants.Errors.InvalidClient); } await SendErrorAsJsonAsync(clientContext); return; } var tokenEndpointRequest = new TokenEndpointRequest(form); var validatingContext = new OAuthValidateTokenRequestContext(Context, Options, tokenEndpointRequest, clientContext); AuthenticationTicket ticket = null; if (tokenEndpointRequest.IsAuthorizationCodeGrantType) { // Authorization Code Grant http://tools.ietf.org/html/rfc6749#section-4.1 // Access Token Request http://tools.ietf.org/html/rfc6749#section-4.1.3 ticket = await InvokeTokenEndpointAuthorizationCodeGrantAsync(validatingContext, currentUtc); } else if (tokenEndpointRequest.IsResourceOwnerPasswordCredentialsGrantType) { // Resource Owner Password Credentials Grant http://tools.ietf.org/html/rfc6749#section-4.3 // Access Token Request http://tools.ietf.org/html/rfc6749#section-4.3.2 ticket = await InvokeTokenEndpointResourceOwnerPasswordCredentialsGrantAsync(validatingContext, currentUtc); } else if (tokenEndpointRequest.IsClientCredentialsGrantType) { // Client Credentials Grant http://tools.ietf.org/html/rfc6749#section-4.4 // Access Token Request http://tools.ietf.org/html/rfc6749#section-4.4.2 ticket = await InvokeTokenEndpointClientCredentialsGrantAsync(validatingContext, currentUtc); } else if (tokenEndpointRequest.IsRefreshTokenGrantType) { // Refreshing an Access Token // http://tools.ietf.org/html/rfc6749#section-6 ticket = await InvokeTokenEndpointRefreshTokenGrantAsync(validatingContext, currentUtc); } else if (tokenEndpointRequest.IsCustomExtensionGrantType) { // Defining New Authorization Grant Types // http://tools.ietf.org/html/rfc6749#section-8.3 ticket = await InvokeTokenEndpointCustomGrantAsync(validatingContext, currentUtc); } else { // Error Response http://tools.ietf.org/html/rfc6749#section-5.2 // The authorization grant type is not supported by the // authorization server. _logger.WriteError("grant type is not recognized"); validatingContext.SetError(Constants.Errors.UnsupportedGrantType); } if (ticket == null) { await SendErrorAsJsonAsync(validatingContext); return; } ticket.Properties.IssuedUtc = currentUtc; ticket.Properties.ExpiresUtc = currentUtc.Add(Options.AccessTokenExpireTimeSpan); var tokenEndpointContext = new OAuthTokenEndpointContext( Context, Options, ticket, tokenEndpointRequest); await Options.Provider.TokenEndpoint(tokenEndpointContext); if (tokenEndpointContext.TokenIssued) { ticket = new AuthenticationTicket( tokenEndpointContext.Identity, tokenEndpointContext.Properties); } else { _logger.WriteError("Token was not issued to tokenEndpointContext"); validatingContext.SetError(Constants.Errors.InvalidGrant); await SendErrorAsJsonAsync(validatingContext); return; } var accessTokenContext = new AuthenticationTokenCreateContext( Context, Options.AccessTokenFormat, ticket); await Options.AccessTokenProvider.CreateAsync(accessTokenContext); string accessToken = accessTokenContext.Token; if (string.IsNullOrEmpty(accessToken)) { accessToken = accessTokenContext.SerializeTicket(); } DateTimeOffset?accessTokenExpiresUtc = ticket.Properties.ExpiresUtc; var refreshTokenCreateContext = new AuthenticationTokenCreateContext( Context, Options.RefreshTokenFormat, accessTokenContext.Ticket); await Options.RefreshTokenProvider.CreateAsync(refreshTokenCreateContext); string refreshToken = refreshTokenCreateContext.Token; var tokenEndpointResponseContext = new OAuthTokenEndpointResponseContext( Context, Options, ticket, tokenEndpointRequest, accessToken, tokenEndpointContext.AdditionalResponseParameters); await Options.Provider.TokenEndpointResponse(tokenEndpointResponseContext); var memory = new MemoryStream(); byte[] body; using (var writer = new JsonTextWriter(new StreamWriter(memory))) { writer.WriteStartObject(); writer.WritePropertyName(Constants.Parameters.AccessToken); writer.WriteValue(accessToken); writer.WritePropertyName(Constants.Parameters.TokenType); writer.WriteValue(Constants.TokenTypes.Bearer); if (accessTokenExpiresUtc.HasValue) { TimeSpan?expiresTimeSpan = accessTokenExpiresUtc - currentUtc; var expiresIn = (long)expiresTimeSpan.Value.TotalSeconds; if (expiresIn > 0) { writer.WritePropertyName(Constants.Parameters.ExpiresIn); writer.WriteValue(expiresIn); } } if (!String.IsNullOrEmpty(refreshToken)) { writer.WritePropertyName(Constants.Parameters.RefreshToken); writer.WriteValue(refreshToken); } foreach (var additionalResponseParameter in tokenEndpointResponseContext.AdditionalResponseParameters) { writer.WritePropertyName(additionalResponseParameter.Key); writer.WriteValue(additionalResponseParameter.Value); } writer.WriteEndObject(); writer.Flush(); body = memory.ToArray(); } Response.ContentType = "application/json;charset=UTF-8"; Response.Headers.Set("Cache-Control", "no-cache"); Response.Headers.Set("Pragma", "no-cache"); Response.Headers.Set("Expires", "-1"); Response.ContentLength = body.Length; await Response.WriteAsync(body, Request.CallCancelled); }
public void Create(AuthenticationTokenCreateContext context) { CreateAsync(context); }
public async Task CreateAsync(AuthenticationTokenCreateContext context) { var clientid = context.Ticket.Properties.Dictionary["as:client_id"]; if (string.IsNullOrEmpty(clientid)) { return; } //string hashedTokenId = Helper.GetHash(context.Token); // var refreshToken = await _repo.FindRefreshToken(hashedTokenId); var refreshTokenId = Guid.NewGuid().ToString("n"); using (AuthRepository _repo = new AuthRepository()) { var rfToken = await _repo.FindRefreshTokenByName(context.Ticket.Identity.Name); if (rfToken == null || string.IsNullOrEmpty(rfToken.Token)) { var refreshTokenLifeTime = context.OwinContext.Get <string>("as:clientRefreshTokenLifeTime"); var token = new RefreshToken() { Id = Helper.GetHash(refreshTokenId), ClientId = clientid, Subject = context.Ticket.Identity.Name, IssuedUtc = DateTime.UtcNow, ExpiresUtc = DateTime.UtcNow.AddMinutes(Convert.ToDouble(refreshTokenLifeTime)), Token = Helper.Encrypt(refreshTokenId, "punnel") }; context.Ticket.Properties.IssuedUtc = token.IssuedUtc; context.Ticket.Properties.ExpiresUtc = token.ExpiresUtc; token.ProtectedTicket = context.SerializeTicket(); var result = await _repo.AddRefreshToken(token); if (result) { context.SetToken(refreshTokenId); } } else { refreshTokenId = Helper.Decrypt(rfToken.Token, "punnel"); var refreshTokenLifeTime = context.OwinContext.Get <string>("as:clientRefreshTokenLifeTime"); var token = new RefreshToken() { Id = rfToken.Id, ClientId = clientid, Subject = context.Ticket.Identity.Name, IssuedUtc = DateTime.UtcNow, ExpiresUtc = DateTime.UtcNow.AddMinutes(Convert.ToDouble(refreshTokenLifeTime)) }; context.Ticket.Properties.IssuedUtc = token.IssuedUtc; context.Ticket.Properties.ExpiresUtc = token.ExpiresUtc; token.ProtectedTicket = context.SerializeTicket(); var result = await _repo.AddRefreshToken(token); if (result) { context.SetToken(refreshTokenId); } } } }
public Task CreateAsync(AuthenticationTokenCreateContext context) { throw new NotImplementedException(); }
public override void Create(AuthenticationTokenCreateContext context) { context.SetToken("yourtoken"); base.Create(context); }