private RefreshTokenEntity RotateRefreshToken(RefreshTokenEntity oldToken, string ipAddress) { var newRefreshToken = GenerateRefreshToken(ipAddress); _revokeRefreshToken(oldToken, ipAddress, "Replaced by new token", newRefreshToken.Token); return(newRefreshToken); }
/// <summary> /// 生成JWT Token /// </summary> /// <param name="userId">用户Id</param> /// <param name="userName">用户名称</param> /// <param name="claims"></param> /// <param name="jwtTokenConfig"></param> /// <param name="dateTime"></param> /// <returns></returns> public async Task <JwtAuthInfo> GenerateTokens(long userId, string userName, Claim[] claims, DateTime dateTime) { var secret = Encoding.ASCII.GetBytes(jwtTokenConfig.SecretKey); var shouldAddAudienceClaim = string.IsNullOrWhiteSpace(claims?.FirstOrDefault(x => x.Type == JwtRegisteredClaimNames.Aud)?.Value); var jwtToken = new JwtSecurityToken( jwtTokenConfig.Issuer, shouldAddAudienceClaim ? jwtTokenConfig.Audience : string.Empty, claims, expires: dateTime.AddMinutes(jwtTokenConfig.AccessTokenExpiration), signingCredentials: new SigningCredentials(new SymmetricSecurityKey(secret), SecurityAlgorithms.HmacSha256Signature)); var accessToken = new JwtSecurityTokenHandler().WriteToken(jwtToken); var entity = new RefreshTokenEntity { UserId = userId, UserName = userName, Token = GenerateRefreshToken(), ExpireAt = dateTime.AddMinutes(jwtTokenConfig.RefreshTokenExpiration) }; //redisCacheService.SetEntryInHash(redisCacheHashId, refreshToken.TokenString, refreshToken); await tokenRepository.AddOrUpdate(entity); return(new JwtAuthInfo { AccessToken = accessToken, RefreshToken = MapperTo(entity) }); }
public async Task CreateAsync(AuthenticationTokenCreateContext context) { var clientid = context.Ticket.Properties.Dictionary["as:client_id"]; if (string.IsNullOrEmpty(clientid)) { return; } var refreshTokenId = Guid.NewGuid().ToString("n"); var refreshTokenLifeTime = context.OwinContext.Get <string>("as:clientRefreshTokenLifeTime"); var token = new RefreshTokenEntity() { RefreshTokenId = AuthHelper.GetHash(refreshTokenId), ClientId = clientid, Subject = context.Ticket.Identity.Name, IssuedUtc = DateTime.UtcNow, ExpiresUtc = DateTime.UtcNow.AddMinutes(Convert.ToDouble(refreshTokenLifeTime)) }; context.Ticket.Properties.IssuedUtc = token.IssuedUtc; context.Ticket.Properties.ExpiresUtc = token.ExpiresUtc; token.ProtectedTicket = context.SerializeTicket(); await _authDalHelper.AddRefreshToken(token); context.SetToken(refreshTokenId); }
private void RevokeDescendantRefreshTokens(RefreshTokenEntity refreshToken, List <RefreshTokenEntity> allRefreshTokens, string ipAddress, string reason) { // recursively traverse the refresh token chain and ensure all descendants are revoked if (string.IsNullOrEmpty(refreshToken.ReplacedByToken)) { return; } var childToken = allRefreshTokens.SingleOrDefault(x => x.Token == refreshToken.ReplacedByToken); if (childToken == null) { return; } if (childToken.IsActive) { _revokeRefreshToken(childToken, ipAddress, reason); } else { RevokeDescendantRefreshTokens(childToken, allRefreshTokens, ipAddress, reason); } }
public async Task CreateRefreshToken_ShouldReturnTheCreatedRefreshToken_AndIncreaseTheRefreshTokensCount() { var refreshToken = new RefreshTokenEntity { Id = 444, Token = "token 123", User = new UserEntity { UserName = "******", Email = "*****@*****.**" } }; var expectedNumberOfRefreshTokens = DbContext.RefreshTokens.Count() + 1; // Act var createdRefreshToken = await _refreshTokenRepository.Create(refreshToken); // Assert Assert.NotNull(createdRefreshToken); Assert.Equal(refreshToken.Token, createdRefreshToken.Token); Assert.Equal(refreshToken.User.UserName, createdRefreshToken.User.UserName); Assert.Equal(refreshToken.User.Email, createdRefreshToken.User.Email); Assert.True(refreshToken.Id != 0); Assert.Equal(expectedNumberOfRefreshTokens, DbContext.RefreshTokens.Count()); }
private static RefreshTokenModel ConvertEntityToModel(RefreshTokenEntity t) { return(new RefreshTokenModel { Token = t.Token, UserId = t.UserId }); }
private static void _revokeRefreshToken(RefreshTokenEntity token, string ipAddress, string reason = null, string replacedByToken = null) { token.Revoked = DateTime.Now; token.RevokedByIp = ipAddress; token.ReasonRevoked = reason; token.ReplacedByToken = replacedByToken; }
public async Task <RefreshTokenEntity> AddAsync(RefreshTokenEntity token) { await _OSContext.RefreshToken.AddAsync(token); await _OSContext.SaveChangesAsync(); _Logger.LogInformation("(Repository) Token Added: {1}", token.UserId); return(token); }
/// <summary> /// Mapper To RefreshToken /// </summary> /// <param name="entity">RefreshToken实体</param> /// <returns></returns> private RefreshToken MapperTo(RefreshTokenEntity entity) { return(new RefreshToken() { UserId = entity.UserId, UserName = entity.UserName, TokenString = entity.Token, ExpireAt = entity.ExpireAt }); }
public async Task <RefreshTokenModel> CreateAsync(RefreshTokenModel token) { var tokenEntity = new RefreshTokenEntity { Token = token.Token, UserId = token.UserId }; var createdToken = await _RefreshTokenRepository.AddAsync(tokenEntity); return(ConvertEntityToModel(createdToken)); }
public async Task IfTheRefreshTokenToUpdate_DoesntExist_ReturnNull() { var refreshToken = new RefreshTokenEntity { Id = 4442, Token = "token112345", User = DbContext.Users.Find(1) }; // Act var result = await _refreshTokenRepository.Update(refreshToken); // Assert Assert.Null(result); }
public async Task <RefreshTokenEntity> UpdateAsync(RefreshTokenEntity token) { var local = _OSContext.RefreshToken.Local.FirstOrDefault(entity => entity.Id == token.Id); if (local is not null) { _OSContext.Entry(local).State = EntityState.Detached; } _OSContext.Entry(token).State = EntityState.Modified; await _OSContext.SaveChangesAsync(); _Logger.LogInformation("(Repository) Token Updated: {1}", token.UserId); return(token); }
public async Task <JsonWebTokenResult> Handle(GenerateTokenCommand request, CancellationToken cancellationToken) { var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(_jsonWebToken.Secret); var tokenExpiration = DateTime.UtcNow.AddSeconds(_jsonWebToken.TokenLifetime); var claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.Sub, request.User.Email), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(JwtRegisteredClaimNames.Email, request.User.Email), new Claim("Id", request.User.Id) }; var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = tokenExpiration, SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); var refreshToken = new RefreshTokenEntity { Token = Guid.NewGuid().ToString(), JwtId = token.Id, UserId = request.User.Id, CreationDate = DateTime.UtcNow, ExpiryDate = DateTime.UtcNow.AddMonths(6) }; await _context.RefreshTokens.AddAsync(refreshToken, cancellationToken); await _context.SaveChangesAsync(cancellationToken); return(new JsonWebTokenResult() { Token = tokenHandler.WriteToken(token), TokenExpirationTime = ((DateTimeOffset)tokenExpiration).ToUnixTimeSeconds().ToString(), RefreshToken = refreshToken.Token }); }
public TokenResultEntity Post(RefreshTokenEntity data) { var result = new TokenResultEntity(); // 获取应用信息 var Token = AuthorizeHelper.GetTokenByRefreshToken(data.RefreshToken); if (Token == null) { result.Code = (int)InterfaceResultEnum.AppError; result.ErrMsg = EnumHelper.GetDescription(InterfaceResultEnum.AppError); Logger.LogInfo(string.Format("刷新Token失败,RefreshToken:{0}", data.RefreshToken), "RefreshTokenController", "Post"); return(result); } var requestAccount = Token.RequestAccount; var requestUserId = (int)Token.RequestUserId; int expiry = 3600; var token = AuthorizeHelper.AddToken(requestUserId, requestAccount, expiry); AuthorizeHelper.RemoveToken(data.RefreshToken); if (token != null) { result.Code = (int)InterfaceResultEnum.Success; result.Access_Token = token.AccessToken; result.Refresh_Token = token.RefreshToken; result.Expiry = token.Expiry; Logger.LogInfo(string.Format("刷新Token成功,RefreshToken:{0},AccessToken:{1}", data.RefreshToken, token.AccessToken), "RefreshTokenController", "Post"); } else { result.Code = (int)InterfaceResultEnum.AppError; result.ErrMsg = EnumHelper.GetDescription(InterfaceResultEnum.AppError); Logger.LogInfo(string.Format("刷新Token失败,RefreshToken:{0}", data.RefreshToken), "RefreshTokenController", "Post"); } return(result); }
private string GenerateRefreshToken(Guid id) { var refreshToken = Guid.NewGuid().ToString(); var refreshTokenEntity = new RefreshTokenEntity { RefreshToken = refreshToken, UserId = id, TotalUsage = 1, ExpireOn = null }; var deviceInfo = SystemHelper.CurrentHttpContext?.Request.GetDeviceInformation(); //deviceInfo?.MapTo(refreshTokenEntity); _refreshTokenRepo.Add(refreshTokenEntity); UnitOfWork.SaveChanges(); return(refreshToken); }
public Task <RefreshTokenEntity> Update(RefreshTokenEntity refreshToken) { return(_refreshTokenRepository.Update(refreshToken)); }
public async Task AddRefreshToken(RefreshTokenEntity tokenEntity) { await _dbContext.RefreshTokens.FindOneAndReplaceAsync(r => r.Subject == tokenEntity.Subject && r.ClientId == tokenEntity.ClientId, tokenEntity); }