/// <summary>The receive async.</summary>
/// <param name="context">The context.</param>
/// <returns>The <see cref="Task"/>.</returns>
/// <exception cref="Exception"></exception>
public async Task ReceiveAsync(AuthenticationTokenReceiveContext context)
{
try
{
var allowedOrigin = context.OwinContext.Get <string>("as:clientAllowedOrigin");
if (!context.OwinContext.Response.Headers.ContainsKey("Access-Control-Allow-Origin"))
{
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });
}
var hashedTokenId = AuthenticationUtility.GetHash(context.Token);
var refreshTokenController = AuthHelper.FindRefreshTokenController(hashedTokenId);
var refreshTokenDict = await this.authFacade.SelectAll(refreshTokenController);
var refreshToken = refreshTokenDict.Values.FirstOrDefault();
if (refreshToken != null)
{
// Get protectedTicket from refreshToken class
context.DeserializeTicket(refreshToken.ProtectedTicket);
// var expires = context.Ticket.Properties.ExpiresUtc;
await this.authFacade.Delete(new List <long> {
refreshToken.Id
});
}
}
catch (System.Exception ex)
{
throw new System.Exception("some error occured while reading the refersh token", ex);
}
}
/// <summary>The create async.</summary>
/// <param name="context">The context.</param>
/// <returns>The <see cref="Task"/>.</returns>
public async Task CreateAsync(AuthenticationTokenCreateContext context)
{
var clientid = context.Ticket.Properties.Dictionary["as:client_id"];
if (string.IsNullOrEmpty(clientid))
{
return;
}
var refreshTokenId = Guid.NewGuid().ToString("n");
ClaimsIdentity userIdentity = context.Ticket.Identity;
var firstOrDefault = userIdentity.Claims.FirstOrDefault(c => c.Type == "GUID");
if (firstOrDefault != null)
{
var sessionGuid = new Guid(firstOrDefault.Value);
var refreshTokenLifeTime = context.OwinContext.Get <string>("as:clientRefreshTokenLifeTime");
var clientController = AuthHelper.FindClientController(clientid);
var clientAppId = await this.authFacade.FindClient(clientController);
var token = new RefreshToken
{
RefreshTokenId = AuthenticationUtility.GetHash(refreshTokenId),
Id = clientAppId.Id,
UserName = context.Ticket.Identity.Name,
IssuedTimestamp = DateTime.Now,
ExpiryTimestamp = DateTime.Now.AddMinutes(Convert.ToDouble(refreshTokenLifeTime)),
SessionGuId = sessionGuid,
LastModifiedUserId = 1,
LastModifiedTs = DateTime.Now,
ClientAppId = (int)clientAppId.Id,
};
context.Ticket.Properties.IssuedUtc = token.IssuedTimestamp;
context.Ticket.Properties.ExpiresUtc = token.ExpiryTimestamp;
token.ProtectedTicket = context.SerializeTicket();
// Create Dictionary with Key : filter and Value is JSON String
await this.authFacade.Update(new List <RefreshToken> {
token
});
context.SetToken(refreshTokenId);
}
}
/// <summary>The grant resource owner credentials.</summary>
/// <param name="context">The context.</param>
/// <returns>The <see cref="Task"/>.</returns>
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
// Adding Header to enable the Cross Origin Calls
var allowedOrigin = context.OwinContext.Get <string>("as:clientAllowedOrigin") ?? "*";
if (!context.OwinContext.Response.Headers.ContainsKey("Access-Control-Allow-Origin"))
{
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });
}
// Create User Credential using Name/ password from Auth context
var userCredentials = AuthHelper.CheckUserCredential(context.UserName, AuthenticationUtility.GetHash(context.Password));
var tokenInfoList = await this.userManagement.SelectAll(userCredentials);
// Get valid userInfo for given credential
var tokenInfo = tokenInfoList.Values.FirstOrDefault();
if (tokenInfo == null)
{
context.SetError("Wrong username or password.");
context.Response.Headers.Add("AuthorizationResponse", new[] { "Failed" });
return;
}
if (tokenInfo.IsActive == 0)
{
context.SetError("Your account is disabled. Please contact the Admin.");
context.Response.Headers.Add("AuthorizationResponse", new[] { "Failed" });
return;
}
if (tokenInfo.IsLocked == 1)
{
context.SetError("Your account is locked. Please contact the Admin.");
context.Response.Headers.Add("AuthorizationResponse", new[] { "Failed" });
return;
}
// Set basic user information
var guid = Guid.NewGuid().ToString();
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
identity.AddClaim(new Claim("userName", context.UserName));
identity.AddClaim(new Claim("UserId", tokenInfo.Id.ToString()));
identity.AddClaim(new Claim("GUID", guid));
identity.AddClaim(new Claim("persistence", "jai was here"));
var props = new AuthenticationProperties(new Dictionary <string, string>
{
{
"GUID", guid
},
{
"as:client_id", context.ClientId ?? null
},
{
"userName", tokenInfo.UserName
},
{
"userId", tokenInfo.Id.ToString()
},
{
"role", tokenInfo.Role
},
{
"isLocked", tokenInfo.IsLocked.ToString()
},
{
"isActive", tokenInfo.IsActive.ToString()
}
});
var ticket = new AuthenticationTicket(identity, props);
context.Validated(ticket);
return;
}