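/// <summary>
/// Exchanges a refresh token for a new access token and a rotated refresh token.
/// </summary>
/// <param name="authData">Request body carrying the refresh token to authenticate with.</param>
/// <returns>
/// 200 with the updated user object on success; 401 when <c>_authService.AuthenticateUser</c>
/// returns null; 402 when the stored refresh-token expiry is in the past.
/// </returns>
/// <remarks>
/// Any exception is logged (message only) and rethrown to the caller.
/// </remarks>
public async Task<IActionResult> AuthModelWithRefreshToken([FromBody] AuthModelWithRefreshToken authData)
{
    try
    {
        var user = await _authService.AuthenticateUser(authData);
        if (user == null)
        {
            return Unauthorized();
        }

        // NOTE(review): expiry is compared and written with local time (DateTime.Now).
        // Both sides must stay consistent; confirm how the value is stored before moving to UTC.
        if (user.RefreshTokenExpiryTime < DateTime.Now)
        {
            // NOTE(review): 402 is "Payment Required"; 401 would be the conventional answer for an
            // expired credential. Kept as-is because existing clients may key on this status code.
            return new StatusCodeResult(402);
        }

        // Rotate on every successful use: the presented refresh token is replaced by a new one.
        user.AccessToken = TokenPublisher.GenerateAccessToken(user, _config);
        user.RefreshToken = TokenPublisher.GenerateRefreshToken();

        // Sliding expiry: each refresh extends the refresh token's lifetime to one year from now.
        user.RefreshTokenExpiryTime = DateTime.Now.AddYears(1);

        await _authService.UpdateRefreshToken(new UpdateRefreshTokenModel
        {
            Id = user.Id,
            RefreshToken = user.RefreshToken,
            RefreshTokenExpiryTime = user.RefreshTokenExpiryTime
        });

        // Log the user id, never the refresh token: a token is a bearer credential, and writing it
        // to the log exposes it to anyone with log access and puts caller-supplied text in the log.
        logger.Information(
            $"Type: AuthenticationController; Method: AuthModelWithRefreshToken; Info: AuthModelWithRefreshToken for user Id: {user.Id} successfully");

        // NOTE(review): the whole user object is returned to the client; confirm the model
        // exposes nothing beyond the tokens and fields the client actually needs.
        return new OkObjectResult(user);
    }
    catch (Exception e)
    {
        logger.Error($"Type: AuthenticationController; Method: AuthModelWithRefreshToken; Error: {e.Message}");
        throw;
    }
}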
/// <summary>
/// Handles one token request: reads the "id", "data" and "signature" form fields, checks them
/// with <c>Verifier</c>, resolves the subscriber from the request header and, on success,
/// writes the published token body into the response header.
/// </summary>
/// <param name="context">The current HTTP context; form fields and headers are read from it.</param>
/// <returns>
/// true when a token was published and written to the response; false when the request was
/// malformed, failed verification, or raised <c>DoubtfulAuthBehaviorException</c>. On each
/// false path an error-reason header is added through <c>WebUtil.AddErrorReasonHeader</c>.
/// </returns>
private bool ProcessRequestImpl(HttpContext context)
{
    long requestId;
    string payload;
    string payloadSignature;

    try
    {
        // long.TryParse returns false for a null input, so a missing field and a
        // non-numeric field both end up on the same rejection path.
        string rawId = context.Request.Form["id"];
        if (!long.TryParse(rawId, out requestId))
        {
            throw new ArgumentException("id is null or not number");
        }

        payload = context.Request.Form["data"];
        if (payload == null)
        {
            throw new ArgumentException("data is null");
        }

        payloadSignature = context.Request.Form["signature"];
        if (payloadSignature == null)
        {
            throw new ArgumentException("signature is null");
        }
    }
    catch (Exception e)
    {
        // Every exception raised while reading the form is treated as a malformed request.
        // Log text: "Received data in an invalid format."
        // NOTE(review): WebUtil.RequestInfo is not visible here; confirm it does not write
        // the signature or other secrets into the log.
        string requestInfo = WebUtil.RequestInfo(context);
        logger.Info("不正なフォーマットのデータを受け取りました。RequestInfo: " + requestInfo, e);
        WebUtil.AddErrorReasonHeader(context, ErrorReason.Malformed);
        return false;
    }

    // NOTE(review): the current time is handed to Verifier, presumably for a freshness check; confirm.
    var verifier = new Verifier(requestId, payload, payloadSignature, DateTime.Now);
    bool verified = verifier.IsOK();
    if (!verified)
    {
        // Log text: "Received an authentication request with invalid data."
        string requestInfo = WebUtil.RequestInfo(context);
        logger.Info("不正なデータによる認証要求を受け取りました。RequestInfo: " + requestInfo);
        WebUtil.AddErrorReasonHeader(context, ErrorReason.Invalid);
        return false;
    }

    DataSet.TokenRow issuedToken;
    try
    {
        string subscriberHeader = context.Request.Headers[SiteConstant.AuthTokenRequestResposeHeaderName];
        DataSet.SubscriberRow owner = Util.ResolveSubscriber(subscriberHeader, AuthScheme.Android_LVL);
        issuedToken = new TokenPublisher(owner, DateTime.Now).Publish();
    }
    catch (DoubtfulAuthBehaviorException e)
    {
        // Only this exception type is mapped to a "Security" rejection; any other exception
        // from subscriber resolution or publishing propagates to the caller.
        // Log text: "Received a suspicious authentication request."
        string requestInfo = WebUtil.RequestInfo(context);
        logger.Info("不審な認証要求を受け取りました。RequestInfo: " + requestInfo, e);
        WebUtil.AddErrorReasonHeader(context, ErrorReason.Security);
        return false;
    }

    // Success: the token body goes back in the same header name the request used.
    context.Response.StatusCode = (int)HttpStatusCode.OK;
    context.Response.Headers.Add(SiteConstant.AuthTokenRequestResposeHeaderName, issuedToken.Body);
    return true;
}