/// <summary>
/// Builds an access token carrying the user's name, id and role claims, generates a new refresh
/// token, records that refresh token for the user and returns both to the caller.
/// </summary>
/// <param name="user">The authenticated user the token pair is issued for.</param>
/// <returns>An <see cref="ObjectResult"/> wrapping <c>{ token, refreshToken, expiration }</c>.</returns>
private async Task<ObjectResult> GetToken(FantasyCriticUser user)
{
    var roles = await _userManager.GetRolesAsync(user);

    // Identity claims first, then one role claim per role the user holds.
    var claims = new List<Claim>
    {
        new Claim(ClaimTypes.Name, user.UserName),
        new Claim(ClaimTypes.NameIdentifier, user.UserID.ToString()),
    };
    claims.AddRange(roles.Select(role => new Claim(ClaimTypes.Role, role)));

    var accessToken = _tokenService.GenerateAccessToken(claims);
    var newRefreshToken = _tokenService.GenerateRefreshToken();
    await _userManager.AddRefreshToken(user, newRefreshToken);

    var handler = new JwtSecurityTokenHandler();
    var payload = new
    {
        token = handler.WriteToken(accessToken),
        refreshToken = newRefreshToken,
        expiration = accessToken.ValidTo,
    };
    return new ObjectResult(payload);
}
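/// <summary>
/// Exchanges an expired access token plus a refresh token that is still on record for the user
/// for a freshly issued token pair. The redeemed refresh token is removed (single use).
/// </summary>
/// <param name="request">The expired JWT (<c>Token</c>) and the refresh token (<c>RefreshToken</c>) to redeem.</param>
/// <returns>
/// 200 with <c>{ token, refreshToken, expiration }</c> on success; 400 when the request body, the JWT,
/// the user or the refresh token cannot be validated; 401 when the JWT predates the user's last
/// credential change.
/// </returns>
public async Task<IActionResult> Refresh([FromBody] TokenRefreshRequest request)
{
    // Model binding can deliver a null body or empty fields; reject those before touching the token service.
    if (request is null || string.IsNullOrEmpty(request.Token) || string.IsNullOrEmpty(request.RefreshToken))
    {
        return BadRequest();
    }

    var principal = _tokenService.GetPrincipalFromExpiredToken(request.Token);
    // The user's email address is mapped to the Name claim by default. A missing principal or name
    // used to flow a null into FindByNameAsync; treat it as an invalid token instead.
    var emailAddress = principal?.Identity?.Name;
    if (string.IsNullOrEmpty(emailAddress))
    {
        return BadRequest("Invalid JWT.");
    }

    var user = await _userManager.FindByNameAsync(emailAddress);
    if (user == null)
    {
        return BadRequest();
    }

    // Only a refresh token currently recorded for this user may be redeemed.
    var refreshTokens = await _userManager.GetRefreshTokens(user);
    if (!refreshTokens.Contains(request.RefreshToken))
    {
        return BadRequest();
    }

    // The "nbf" (not-before) claim is used as the token's issue time. A missing or non-numeric value
    // means the JWT did not come from our token service; reject it rather than let Convert throw a 500.
    var issuedTimeString = principal.Claims.FirstOrDefault(x => x.Type == "nbf")?.Value;
    if (!long.TryParse(issuedTimeString, System.Globalization.NumberStyles.Integer,
            System.Globalization.CultureInfo.InvariantCulture, out var issuedUnixSeconds))
    {
        return BadRequest("Invalid JWT.");
    }

    // Tokens issued before the user last changed credentials are no longer trusted.
    var issuedTime = Instant.FromUnixTimeSeconds(issuedUnixSeconds);
    if (issuedTime < user.LastChangedCredentials)
    {
        return StatusCode(401);
    }

    var roles = await _userManager.GetRolesAsync(user);
    var claims = user.GetUserClaims(roles);
    var newJwtToken = _tokenService.GenerateAccessToken(claims);
    var newRefreshToken = _tokenService.GenerateRefreshToken();

    // Rotate: the redeemed refresh token is retired and the new one takes its place.
    await _userManager.RemoveRefreshToken(user, request.RefreshToken);
    await _userManager.AddRefreshToken(user, newRefreshToken);

    var newJwtString = new JwtSecurityTokenHandler().WriteToken(newJwtToken);
    return new ObjectResult(new { token = newJwtString, refreshToken = newRefreshToken, expiration = newJwtToken.ValidTo });
}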
/// <summary>
/// Issues an access token built from the user's claims together with a new refresh token, records
/// the refresh token for the user (then lets the user manager clear old ones) and returns the pair.
/// </summary>
/// <param name="user">The authenticated user the token pair is issued for.</param>
/// <returns>An <see cref="ObjectResult"/> wrapping <c>{ token, refreshToken, expiration }</c>.</returns>
private async Task<ObjectResult> GetToken(FantasyCriticUser user)
{
    var roles = await _userManager.GetRolesAsync(user);
    var userClaims = user.GetUserClaims(roles);

    var accessToken = _tokenService.GenerateAccessToken(userClaims);
    var newRefreshToken = _tokenService.GenerateRefreshToken();

    // The new token is recorded first; ClearOldRefreshTokens then applies whatever pruning policy
    // the user manager implements.
    await _userManager.AddRefreshToken(user, newRefreshToken);
    await _userManager.ClearOldRefreshTokens(user);

    var handler = new JwtSecurityTokenHandler();
    var payload = new
    {
        token = handler.WriteToken(accessToken),
        refreshToken = newRefreshToken,
        expiration = accessToken.ValidTo,
    };
    return new ObjectResult(payload);
}