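/// <summary>
/// Exchanges an access token and refresh token pair for a newly generated token,
/// replacing the presented refresh token on the user with the new one.
/// </summary>
/// <param name="accessToken">Access token whose claims identify the user and are copied into the new token.</param>
/// <param name="refreshToken">Refresh token that must be valid for the user named by the access token's e-mail claim.</param>
/// <returns>
/// The new token, or <c>Maybe&lt;Token&gt;.Nothing</c> when the access token fails validation,
/// does not carry exactly one e-mail claim, the user is not found, the refresh token is
/// rejected, or token generation fails.
/// </returns>
public async Task<Maybe<Token>> RefreshTokenAsync(string accessToken, string refreshToken)
{
    // NOTE(review): the second argument is passed as false here; presumably it turns off
    // lifetime validation so that an expired access token can still be refreshed. Confirm in
    // HexadoTokenSpecific that signature (and issuer/audience, if used) checks stay enabled.
    var claims = _accessTokenValidator.Validate(
        accessToken,
        HexadoTokenSpecific.GetValidationParameters(_options.Secret, false));
    if (!claims.HasValue)
    {
        return Maybe<Token>.Nothing;
    }

    // Require exactly one e-mail claim. The previous Single() call threw
    // InvalidOperationException when a token carried more than one; an ambiguous
    // identity is now rejected like any other invalid token. Take(2) is enough to
    // tell "exactly one" from "several".
    var emails = claims.Value
        .Where(c => c.Type == ClaimTypes.Email)
        .Select(c => c.Value)
        .Take(2)
        .ToList();
    if (emails.Count != 1)
    {
        return Maybe<Token>.Nothing;
    }

    var email = emails[0];
    var user = await _hexadoUserRepository
        .GetUserIncludeTokensAsync(u => u.Email == email);
    if (!user.HasValue || !user.Value.IsValidRefreshToken(refreshToken))
    {
        return Maybe<Token>.Nothing;
    }

    var token = _tokenFactory.GenerateToken(user.Value.Id, claims.Value);
    if (!token.HasValue)
    {
        return Maybe<Token>.Nothing;
    }

    // Rotation: the presented refresh token is removed and the new one stored, so a
    // refresh token is meant to be usable once.
    // NOTE(review): nothing in this method serialises two concurrent calls that present the
    // same refresh token; whether UpdateAsync detects that case depends on the repository
    // (e.g. an optimistic-concurrency check) - confirm.
    user.Value.RemoveRefreshToken(refreshToken);
    user.Value.RefreshTokens.Add(token.Value.RefreshToken);
    await _hexadoUserRepository.UpdateAsync(user.Value);

    return token;
}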
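/// <summary>
/// Registers JWT bearer authentication as the default authenticate, challenge and
/// fallback scheme, validating tokens with the parameters produced by
/// <c>HexadoTokenSpecific.GetValidationParameters</c> for the configured <c>JwtOptions.Secret</c>.
/// </summary>
/// <param name="services">Service collection to add the authentication services to.</param>
/// <returns>The same <paramref name="services"/> instance, for chaining.</returns>
public static IServiceCollection AddHexadoAuthentication(this IServiceCollection services)
{
    // The signing secret is resolved from IOptions<JwtOptions> when the bearer options are
    // first built, instead of calling services.BuildServiceProvider() during registration.
    // Building a provider here created a second container (duplicate singletons, never
    // disposed) and captured the secret before later JwtOptions configuration could apply.
    services
        .AddOptions<JwtBearerOptions>(JwtBearerDefaults.AuthenticationScheme)
        .Configure<IOptions<JwtOptions>>((options, jwtOptions) =>
        {
            // NOTE(review): RequireHttpsMetadata only affects metadata retrieval from an
            // Authority/MetadataAddress, and none is set in this method. Kept as in the
            // original; it should be true outside development if an authority is ever added.
            options.RequireHttpsMetadata = false;

            // Keeps the raw bearer token in the authentication properties after validation.
            options.SaveToken = true;
            options.TokenValidationParameters =
                HexadoTokenSpecific.GetValidationParameters(jwtOptions.Value.Secret);
        });

    services
        .AddAuthentication(options =>
        {
            options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
            options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
        })
        .AddJwtBearer();

    return services;
}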