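/// <summary>
/// Exchanges a refresh token for a new access-token / refresh-token pair.
/// The user is resolved by <c>_authService.AuthenticateUser</c>; a null result
/// yields 401. An expired stored refresh token yields 402 (kept as-is for client
/// compatibility — 401 would be the conventional status for an expired credential).
/// On success the stored refresh token is rotated and the user object, now
/// carrying the new tokens, is returned.
/// </summary>
/// <param name="authData">Request body holding the refresh token being exchanged.</param>
/// <returns>200 with the user object; 401 when the user cannot be resolved; 402 when the stored refresh token has expired.</returns>
/// <exception cref="Exception">Any failure from the auth service or token publisher is logged and rethrown unchanged.</exception>
public async Task<IActionResult> AuthModelWithRefreshToken([FromBody] AuthModelWithRefreshToken authData)
        {
            IActionResult response = Unauthorized();

            try
            {
                var user = await _authService.AuthenticateUser(authData);

                if (user != null)
                {
                    // NOTE(review): local time is used both here and when the expiry is written
                    // below, so the comparison is self-consistent; if the expiry is ever written
                    // elsewhere, UtcNow/DateTimeOffset would be safer — confirm.
                    if (user.RefreshTokenExpiryTime < DateTime.Now)
                    {
                        // Worth an audit trail: a valid-but-expired token was presented.
                        logger.Information(
                            $"Type: AuthenticationController; Method: AuthModelWithRefreshToken; Info: expired refresh token presented for user Id: {user.Id}");
                        return(new StatusCodeResult(402));
                    }

                    var tokenString  = TokenPublisher.GenerateAccessToken(user, _config);
                    var refreshToken = TokenPublisher.GenerateRefreshToken();

                    user.AccessToken            = tokenString;
                    user.RefreshToken           = refreshToken;
                    // NOTE(review): a one-year refresh-token lifetime is long; a leaked token
                    // stays usable until this date unless it is revoked server-side.
                    user.RefreshTokenExpiryTime = DateTime.Now.AddYears(1);

                    // Persist the rotated token: once this completes the previously issued
                    // refresh token is no longer the stored one and cannot be replayed.
                    await _authService.UpdateRefreshToken(new UpdateRefreshTokenModel
                    {
                        Id                     = user.Id,
                        RefreshToken           = user.RefreshToken,
                        RefreshTokenExpiryTime = user.RefreshTokenExpiryTime
                    });

                    // NOTE(review): the whole user entity is serialized to the client; confirm it
                    // carries no password hash or other fields the client must not receive.
                    response = new OkObjectResult(
                        user
                        );

                    // Log the user id, never the refresh token itself — the token is a bearer
                    // credential and the previous message wrote it to the log verbatim.
                    logger.Information(
                        $"Type: AuthenticationController; Method: AuthModelWithRefreshToken; Info: AuthModelWithRefreshToken by user Id: {user.Id} successfully");
                }
            }
            catch (Exception e)
            {
                logger.Error($"Type: AuthenticationController; Method: AuthModelWithRefreshToken; Error: {e.Message}");
                throw;
            }

            return(response);
        }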
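        /// <summary>
        /// Handles one Android LVL auth-token request. Reads <c>id</c>, <c>data</c> and
        /// <c>signature</c> from the POSTed form, verifies the signature, then resolves the
        /// subscriber from the auth-token request header and publishes a fresh token into
        /// the response header of the same name.
        /// </summary>
        /// <param name="context">The current request/response pair.</param>
        /// <returns>
        /// true when a token was issued (status 200, token body in the response header);
        /// false after an ErrorReason header has been set: Malformed (missing or non-numeric
        /// form fields, or the form itself could not be read), Invalid (signature check
        /// failed) or Security (<see cref="DoubtfulAuthBehaviorException"/> while resolving
        /// the subscriber or publishing the token).
        /// </returns>
        private bool ProcessRequestImpl(HttpContext context)
        {
            long id;
            string data, signature;
            try
            {
                string idstr = context.Request.Form["id"];
                // Invariant culture: the id is a machine-generated number, not locale text,
                // so the caller's culture must not influence how it is parsed.
                if (idstr == null
                    || !long.TryParse(idstr,
                                      System.Globalization.NumberStyles.Integer,
                                      System.Globalization.CultureInfo.InvariantCulture,
                                      out id))
                {
                    throw new ArgumentException("id is null or not number");
                }
                data = context.Request.Form["data"];
                if (data == null)
                {
                    throw new ArgumentException("data is null");
                }
                signature = context.Request.Form["signature"];
                if (signature == null)
                {
                    throw new ArgumentException("signature is null");
                }
            }
            catch (Exception e)
            {
                // Deliberately broad: reading the form itself may throw (oversized or
                // malformed body) and that is reported as Malformed as well.
                // NOTE(review): confirm WebUtil.RequestInfo does not echo the form fields
                // (data/signature) verbatim into the log.
                return RejectRequest(context, ErrorReason.Malformed,
                                     "不正なフォーマットのデータを受け取りました。RequestInfo: ", e);
            }

            // Signature is checked before any subscriber lookup, so an unsigned request
            // never reaches the data layer.
            // NOTE(review): DateTime.Now is handed to the verifier and publisher; if they use
            // it for a replay window or token validity, UtcNow would avoid DST ambiguity — confirm.
            Verifier v = new Verifier(id, data, signature, DateTime.Now);
            if (!v.IsOK())
            {
                return RejectRequest(context, ErrorReason.Invalid,
                                     "不正なデータによる認証要求を受け取りました。RequestInfo: ", null);
            }

            DataSet.TokenRow token;
            try
            {
                // NOTE(review): the subscriber comes from the request header while the signed
                // id comes from the form; confirm the verifier or ResolveSubscriber binds the two.
                DataSet.SubscriberRow subscriber = Util.ResolveSubscriber(context.Request.Headers[SiteConstant.AuthTokenRequestResposeHeaderName], AuthScheme.Android_LVL);
                TokenPublisher tp = new TokenPublisher(subscriber, DateTime.Now);
                token = tp.Publish();
            }
            catch (DoubtfulAuthBehaviorException e)
            {
                return RejectRequest(context, ErrorReason.Security,
                                     "不審な認証要求を受け取りました。RequestInfo: ", e);
            }

            context.Response.StatusCode = (int)HttpStatusCode.OK;
            context.Response.Headers.Add(SiteConstant.AuthTokenRequestResposeHeaderName, token.Body);

            return true;
        }

        /// <summary>
        /// Shared failure path: logs <paramref name="messagePrefix"/> followed by the request
        /// info (with the exception when one is given), stamps the ErrorReason header and
        /// returns false so each rejection above is a single statement.
        /// </summary>
        /// <param name="context">The request being rejected.</param>
        /// <param name="reason">Value written to the error-reason response header.</param>
        /// <param name="messagePrefix">Log text; the request info is appended verbatim.</param>
        /// <param name="cause">Exception to attach to the log entry, or null.</param>
        /// <returns>Always false, for use as the return value of the rejecting path.</returns>
        private bool RejectRequest(HttpContext context, ErrorReason reason, string messagePrefix, Exception cause)
        {
            string line = messagePrefix + WebUtil.RequestInfo(context);
            if (cause == null)
            {
                logger.Info(line);
            }
            else
            {
                logger.Info(line, cause);
            }
            WebUtil.AddErrorReasonHeader(context, reason);
            return false;
        }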