/// <summary>
/// Creates the client server, keeps the injected collaborators in private fields and
/// wires the two sign-out handler members to this class's own implementations.
/// </summary>
/// <param name="stateStore">Stored in <c>_stateStore</c>.</param>
/// <param name="tokenDTOStore">Stored in <c>_tokenDTOStore</c>.</param>
/// <param name="stateGenerator">Stored in <c>_stateGenerator</c>.</param>
/// <param name="httpClientFactory">Stored in <c>_httpClientFactory</c>.</param>
/// <param name="logger">Stored in <c>_logger</c>.</param>
/// <param name="options">
/// Stored in <c>_options</c>. <c>ClientOptions</c> exposes <c>ClientSecret</c> (it is read by
/// <c>ValidatePrincipal</c>), so the object should not be written to logs or error pages as a whole.
/// </param>
public DefaultClientServer(
    IStateStore stateStore,
    ITokenDTOStore tokenDTOStore,
    IStateGenerator stateGenerator,
    IHttpClientFactory httpClientFactory,
    ILogger<DefaultClientServer> logger,
    ClientOptions options)
{
    // Injected dependencies, assigned in parameter order.
    _stateStore = stateStore;
    _tokenDTOStore = tokenDTOStore;
    _stateGenerator = stateGenerator;
    _httpClientFactory = httpClientFactory;
    _logger = logger;
    _options = options;

    // Default sign-out behaviour: both handler members point at this instance's methods.
    SignOutCallbackRequestHandler = HandleSignOutCallbackRequestAsync;
    SignOutRequestHandler = HandleSignOutRequestAsync;
}
/// <summary>
/// Creates the handler: <paramref name="options"/>, <paramref name="logger"/>,
/// <paramref name="encoder"/> and <paramref name="clock"/> are passed straight to the base
/// constructor; only the token store is kept by this class.
/// </summary>
/// <param name="options">Forwarded to the base constructor.</param>
/// <param name="logger">Forwarded to the base constructor.</param>
/// <param name="encoder">Forwarded to the base constructor.</param>
/// <param name="clock">Forwarded to the base constructor.</param>
/// <param name="tokenDTOStore">Stored in <c>_tokenDTOStore</c>.</param>
public OAuth2Handler(
    IOptionsMonitor<OAuthOptions> options,
    ILoggerFactory logger,
    UrlEncoder encoder,
    ISystemClock clock,
    ITokenDTOStore tokenDTOStore)
    : base(options, logger, encoder, clock)
    => _tokenDTOStore = tokenDTOStore;
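/// <summary>
/// Cookie principal validation step. The principal is kept while the stored access token has not
/// passed its <c>ValidTo</c> time, or when an expired token can be renewed with the stored refresh
/// token. In every other case the principal is rejected and the user is signed out.
/// </summary>
/// <param name="context">Cookie validation context; used to reject the principal and to reach the HttpContext for sign-out.</param>
/// <param name="httpClientFactory">Creates the HttpClient that sends the refresh-token request.</param>
/// <param name="tokenDTOStore">Source of the current token DTO and sink for the refreshed one.</param>
/// <param name="options">Supplies the token endpoint, client id, client secret and scopes for the refresh request.</param>
/// <returns>A task that completes once validation, and any refresh or sign-out, has finished.</returns>
private static async Task ValidatePrincipal(CookieValidatePrincipalContext context, IHttpClientFactory httpClientFactory, ITokenDTOStore tokenDTOStore, ClientOptions options)
{
    var tokenDTO = await tokenDTOStore.GetTokenDTOAsync();
    if (tokenDTO is null)
    {
        // Fail closed: a cookie with no backing token must not stay authenticated, and must not
        // surface as a NullReferenceException on every request that carries it.
        // NOTE(review): assumes the store reports "no token" as null - confirm against ITokenDTOStore.
        context.RejectPrincipal();
        await context.HttpContext.OAuth2SignOutAsync();
        return;
    }

    // NOTE(review): only the expiry time is inspected below. Whether GetJwt() verifies signature,
    // issuer and audience is not visible here - confirm the token is validated before it is stored.
    var jwt = tokenDTO.GetJwt();

    // NOTE(review): the comparison has no clock-skew allowance.
    if (DateTimeOffset.UtcNow <= jwt.ValidTo)
    {
        // Access token still valid: keep the principal as is.
        return;
    }

    // Access token expired: try a refresh when a refresh token is available.
    if (!string.IsNullOrWhiteSpace(tokenDTO.RefreshToken))
    {
        // NOTE(review): concurrent requests that all see the expired token will each send this
        // request; if the authorization server rotates refresh tokens, the later ones may fail and
        // sign the user out - consider serialising refresh per session.
        var httpClient = httpClientFactory.CreateClient();
        var refreshTokenResp = await httpClient.RequestRefreshTokenAsync(new RefreshTokenRequest
        {
            Address = options.TokenEndpoint,
            ClientId = options.ClientID,
            ClientSecret = options.ClientSecret,
            RefreshToken = tokenDTO.RefreshToken,
            Scope = string.Join(OAuth2Consts.Seperator_Scope, options.Scopes)
        });

        if (!refreshTokenResp.IsError)
        {
            // Refresh succeeded: persist the raw token response. The cookie's own properties are
            // not updated and no cookie renewal is requested; the token store is the only record.
            await tokenDTOStore.SaveTokenDTOAsync(refreshTokenResp.Raw);
            return;
        }

        // NOTE(review): the refresh failure is not logged (no logger is passed to this method),
        // so repeated refresh failures leave no trace for detection or troubleshooting.
    }

    // No refresh token, or the refresh failed: drop the principal and sign the user out.
    context.RejectPrincipal();
    await context.HttpContext.OAuth2SignOutAsync();
}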
/// <summary>
/// Creates the controller and keeps the injected token store in <c>_tokenDTOStore</c>.
/// </summary>
/// <param name="tokenDTOStore">Token store used by this controller.</param>
public HomeController(ITokenDTOStore tokenDTOStore)
    => _tokenDTOStore = tokenDTOStore;