/// <summary>
/// Looks up the stored authentication token for a given user and application.
/// </summary>
/// <param name="userId">Identifier matched against <c>BaseApiUserId</c>; must not be null.</param>
/// <param name="applicationId">Identifier matched against <c>ApiApplicationId</c>; must not be null.</param>
/// <param name="ct">Cancellation token handed to the unit-of-work query.</param>
/// <returns>
/// Whatever <c>ExecuteQueryAndGetFirstOrDefaultAsync</c> yields for the filtered query
/// (presumably the first matching token, or null when there is none; confirm against the unit of work).
/// </returns>
/// <exception cref="ArgumentNullException">Either identifier is null.</exception>
private async Task<ApiAuthenticationToken> GetApiAuthenticationTokenAsync(
    string userId,
    string applicationId,
    CancellationToken ct)
{
    if (userId == null)
    {
        throw new ArgumentNullException("userId");
    }

    if (applicationId == null)
    {
        throw new ArgumentNullException("applicationId");
    }

    // Build the filter first so the awaited call reads as a single step.
    var tokensForPair = _uow.Security.ApiAuthenticationTokens
        .GetAll()
        .Where(token => token.BaseApiUserId == userId
                        && token.ApiApplicationId == applicationId);

    var match = await _uow.ExecuteQueryAndGetFirstOrDefaultAsync(tokensForPair, ct);
    return match;
}
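/// <summary>
/// Exchanges a refresh token for a newly issued access token.
/// </summary>
/// <param name="applicationId">Base64-encoded application identifier, bound from the OData URI.</param>
/// <param name="refreshToken">Base64-encoded GUID refresh token, bound from the OData URI.</param>
/// <param name="ct">Cancellation token passed to every unit-of-work call.</param>
/// <returns>
/// An OK result carrying an <c>AuthorizationRefresh</c>, or a conflict response when the
/// application or the refresh token is missing, malformed or unknown.
/// </returns>
/// <remarks>
/// NOTE(review): both values travel in the request URI of a GET. URIs are routinely written to
/// server and proxy logs, so the refresh token is exposed to anyone who can read them; consider
/// moving the exchange to a request body.
/// NOTE(review): the two conflict branches add different model errors, which lets a caller tell
/// an unknown application from an unknown refresh token. Consider one indistinguishable response.
/// NOTE(review): the refresh token is reused as-is and earlier access tokens are neither revoked
/// nor pruned here, so every call adds one more live access token. Confirm that is intended.
/// </remarks>
public async Task<IHttpActionResult> Get(
    [FromODataUri] string applicationId,
    [FromODataUri] string refreshToken,
    CancellationToken ct)
{
    // Both arguments are caller-controlled. Reject malformed values with the same conflict
    // responses used for unknown values, instead of letting a parse exception surface as a 500.
    if (string.IsNullOrEmpty(applicationId))
    {
        ModelState.AddModelError(
            "applicationId",
            Resources.Conflict_Authorizations_ApiApplicationNotFoundScoped);
        return Request.CreateConflictResponse(Resources.Conflict_Shared_GenericMessage, ModelState);
    }

    string applicationIdDecoded;
    try
    {
        applicationIdDecoded = applicationId.DecodeFromBase64ASCII();
    }
    catch (FormatException)
    {
        // Presumably what the extension throws on invalid base64; confirm against its implementation.
        ModelState.AddModelError(
            "applicationId",
            Resources.Conflict_Authorizations_ApiApplicationNotFoundScoped);
        return Request.CreateConflictResponse(Resources.Conflict_Shared_GenericMessage, ModelState);
    }

    var refreshTokenDecoded = Guid.Empty;
    var refreshTokenIsWellFormed = false;
    if (!string.IsNullOrEmpty(refreshToken))
    {
        try
        {
            refreshTokenIsWellFormed =
                Guid.TryParse(refreshToken.DecodeFromBase64ASCII(), out refreshTokenDecoded);
        }
        catch (FormatException)
        {
            refreshTokenIsWellFormed = false;
        }
    }

    if (!refreshTokenIsWellFormed)
    {
        ModelState.AddModelError(
            "refreshToken",
            Resources.Conflict_Authorizations_RefreshTokenNotFound);
        return Request.CreateConflictResponse(Resources.Conflict_Shared_GenericMessage, ModelState);
    }

    await _uow.BeginAsync(ct);

    var apiApplication = await _uow.Security.Applications.GetByIdAsync(applicationIdDecoded, ct);
    if (apiApplication == null)
    {
        ModelState.AddModelError(
            "applicationId",
            Resources.Conflict_Authorizations_ApiApplicationNotFoundScoped);
        return Request.CreateConflictResponse(Resources.Conflict_Shared_GenericMessage, ModelState);
    }

    // The token must belong to the application named in the request, not merely exist.
    var authenticationToken = await _uow.ExecuteQueryAndGetFirstOrDefaultAsync(
        _uow.Security.ApiAuthenticationTokens.GetAllAndFetch(e => e.BaseApiUser)
            .Where(at => at.ApiApplicationId == applicationIdDecoded
                         && at.RefreshToken == refreshTokenDecoded),
        ct);
    if (authenticationToken == null)
    {
        ModelState.AddModelError(
            "refreshToken",
            Resources.Conflict_Authorizations_RefreshTokenNotFound);
        return Request.CreateConflictResponse(Resources.Conflict_Shared_GenericMessage, ModelState);
    }

    // Always create a new access token.
    // NOTE(review): Guid.NewGuid() is specified to be unique, not unpredictable. For a bearer
    // credential, prefer a value drawn from a cryptographic random number generator. Left
    // unchanged because AccessToken appears to be persisted as a Guid.
    // NOTE(review): DateTime.Now is local server time. If expiry is checked against UTC, or
    // across a daylight-saving change, the effective lifetime differs from one hour; confirm
    // which clock the validation side uses.
    var authenticationAccessToken = new ApiAuthenticationAccessToken
    {
        AccessToken = Guid.NewGuid(),
        ExpirationDate = DateTime.Now.AddHours(1)
    };
    authenticationToken.ApiAuthenticationAccessTokens.Add(authenticationAccessToken);

    await _uow.CommitAsync(ct);

    var entity = new AuthorizationRefresh
    {
        // The caller's original (still encoded) values are echoed back unchanged.
        ApplicationId = applicationId,
        RefreshToken = refreshToken,
        Authorization = new Authorization
        {
            AccessToken = authenticationAccessToken.AccessToken.ToString().EncodeToBase64ASCII(),
            RefreshToken = authenticationToken.RefreshToken.ToString().EncodeToBase64ASCII(),
            // Remaining lifetime in whole minutes, truncated. The clock is read again here,
            // so the value is slightly under the full hour.
            ExpiresIn = (int)authenticationAccessToken.ExpirationDate.Subtract(DateTime.Now).TotalMinutes,
            UserName = authenticationToken.BaseApiUser.UserName
        }
    };

    return Ok(entity);
}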