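/// <summary>
/// Issues a new refresh/access token pair for the user named in the payload of
/// <paramref name="accessToken"/>, but only when <paramref name="refreshToken"/>
/// matches the refresh token returned by <c>UserRefreshTokenQuery</c> for that user.
/// </summary>
/// <param name="refreshToken">Refresh token presented by the caller.</param>
/// <param name="accessToken">Access token whose payload supplies the user id.</param>
/// <returns>The result of <c>GenerateRefreshAndAccessToken</c> for that user id.</returns>
/// <exception cref="NotImplementedException">
/// The presented refresh token is missing, no refresh token is stored for the user,
/// or the two values differ. This exception type is a placeholder (see the TODO below).
/// </exception>
public async Task<AccessTokenModel> RefreshToken(string refreshToken, string accessToken)
{
    // NOTE(review): the user id comes from the access token payload and no Verify call is
    // visible in this method. Confirm whether GetPayload validates the token's integrity;
    // if it does not, the stored-refresh-token match below is the only check performed here.
    var userId = _accessTokenService.GetPayload<AuthPayload>(accessToken).UserId;

    var stored = await QueryBus.Execute<UserRefreshTokenQuery, UserRefreshTokenResponse>(
        new UserRefreshTokenQuery { UserId = userId });
    var expected = stored?.RefreshToken;

    // A missing value on either side must never count as a match: with a plain `!=`,
    // null == null (or "" == "") would issue tokens for a user who has no refresh token stored.
    var matches = !string.IsNullOrEmpty(refreshToken)
        && !string.IsNullOrEmpty(expected)
        && FixedTimeEquals(refreshToken, expected);

    if (!matches)
    {
        // TODO: replace with the project's authentication-failure exception so that a bad
        // refresh token is reported as an auth failure rather than as "not implemented".
        throw new NotImplementedException();
    }

    return await GenerateRefreshAndAccessToken(userId);

    // Ordinal equality that inspects every character, so the time taken does not depend on
    // the position of the first mismatch. Only the length comparison exits early.
    bool FixedTimeEquals(string left, string right)
    {
        if (left.Length != right.Length)
        {
            return false;
        }

        var difference = 0;
        for (var i = 0; i < left.Length; i++)
        {
            difference |= left[i] ^ right[i];
        }

        return difference == 0;
    }
}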
/// <summary>
/// Runs the access-token check before handing the request to the base implementation.
/// Requires an <c>AccessToken</c> request header, reads the user id from the token payload,
/// loads that user's refresh token through <c>UserRefreshTokenQuery</c> and passes the token
/// together with that refresh token to <c>_accessTokenService.Verify</c>.
/// </summary>
/// <param name="controllerContext">Context of the current request; its headers carry the token.</param>
/// <param name="cancellationToken">Forwarded to the base implementation only.</param>
/// <returns>The response produced by <c>base.ExecuteAsync</c>.</returns>
/// <exception cref="AuthorizationRequiredException">The request has no <c>AccessToken</c> header.</exception>
public override async Task<HttpResponseMessage> ExecuteAsync(HttpControllerContext controllerContext, CancellationToken cancellationToken)
{
    var headerPresent = controllerContext.Request.Headers.TryGetValues("AccessToken", out var headerValues);
    if (!headerPresent)
    {
        throw new AuthorizationRequiredException();
    }

    // Only the first header value is considered.
    var presentedToken = headerValues.First();

    // The payload is read before Verify runs, so the user id used for the lookup below comes
    // from a token that has not been checked yet at this point.
    var claims = _accessTokenService.GetPayload<AuthPayload>(presentedToken);

    var lookup = new UserRefreshTokenQuery { UserId = claims.UserId };
    var stored = await QueryBus.Execute<UserRefreshTokenQuery, UserRefreshTokenResponse>(lookup);

    // NOTE(review): any return value of Verify is not inspected here; this gate only rejects
    // a bad token if Verify throws on failure — confirm against the service implementation.
    _accessTokenService.Verify(presentedToken, stored.RefreshToken);

    var response = await base.ExecuteAsync(controllerContext, cancellationToken);
    return response;
}
/// <summary>
/// Runs the access-token check before handing the request to the base implementation.
/// Requires an <c>Authorization</c> request header, reads the user id from the token payload,
/// loads that user's refresh token via <c>_userManagementService.GetRefreshTokenById</c>,
/// passes the token together with that refresh token to <c>_accessTokenService.Verify</c>,
/// and then records the id in <c>UserId</c>.
/// </summary>
/// <param name="controllerContext">Context of the current request; its headers carry the token.</param>
/// <param name="cancellationToken">Forwarded to the base implementation only.</param>
/// <returns>The response produced by <c>base.ExecuteAsync</c>.</returns>
/// <exception cref="MissedAccessTokenException">The request has no <c>Authorization</c> header.</exception>
public override async Task<HttpResponseMessage> ExecuteAsync(HttpControllerContext controllerContext, CancellationToken cancellationToken)
{
    var headerPresent = controllerContext.Request.Headers.TryGetValues("Authorization", out var headerValues);
    if (!headerPresent)
    {
        throw new MissedAccessTokenException();
    }

    // Only the first header value is considered, and it is used as-is: no scheme prefix is
    // removed in this method before the value is treated as the token.
    var presentedToken = headerValues.First();

    // The payload is read before Verify runs, so the id used for the lookup below comes
    // from a token that has not been checked yet at this point.
    var claims = _accessTokenService.GetPayload<UserAccessTokenPayload>(presentedToken);

    var lookup = new GetUserRefreshTokenByIdRequest { Id = claims.Id };
    var stored = await _userManagementService.GetRefreshTokenById(lookup);

    // NOTE(review): any return value of Verify is not inspected here; this gate only rejects
    // a bad token if Verify throws on failure — confirm against the service implementation.
    _accessTokenService.Verify(presentedToken, stored.RefreshToken);

    // Assigned only after Verify has returned, so UserId is never set from a token that
    // Verify rejected by throwing.
    UserId = claims.Id;

    var response = await base.ExecuteAsync(controllerContext, cancellationToken);
    return response;
}