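/// <summary>
/// Token endpoint: issues an access token either for an existing refresh token
/// or for a one-time authorization code.
/// </summary>
/// <param name="tokenRequest">
/// Request carrying either <c>refresh_token</c> or <c>code</c>. When both are
/// present the refresh token takes precedence.
/// </param>
/// <returns>
/// 200 with <c>access_token</c>, <c>token_type</c>, <c>expires_in</c> and
/// <c>refresh_token</c> on success; 400 when the request is missing, carries
/// neither credential, or the credential is not recognised.
/// </returns>
public async Task<IActionResult> AccessToken(AccessTokenRequest tokenRequest)
{
    // Model binding can hand over null (e.g. an empty or unparsable body);
    // reject it instead of failing with a NullReferenceException below.
    if (tokenRequest == null)
    {
        return BadRequest();
    }

    string refreshToken;
    bool isNewRefreshToken = false;

    if (!string.IsNullOrEmpty(tokenRequest.refresh_token))
    {
        var refreshTokenModel = await _repository.GetRefreshToken(tokenRequest.refresh_token);
        if (refreshTokenModel == null)
        {
            return BadRequest();
        }

        // The stored refresh token is echoed back unchanged; this method does
        // not rotate or expire it.
        // NOTE(review): consider rotation/expiry so a leaked refresh token has
        // a bounded lifetime.
        refreshToken = refreshTokenModel.Token;
    }
    // TODO: code should be generated in memory and disposed of after one use
    else if (!string.IsNullOrEmpty(tokenRequest.code))
    {
        // Validate that the code is a known one.
        if (_codeStore.VerifyCode(tokenRequest.code) == null)
        {
            // TODO: check the expected answer
            return BadRequest();
        }

        // Make sure nobody else can re-use the same code.
        // NOTE(review): VerifyCode and ClearCode are two separate calls. Unless
        // the store makes the pair atomic (not visible here), two concurrent
        // requests with the same code could both pass verification. A single
        // "consume" operation on the store would close that window.
        _codeStore.ClearCode(tokenRequest.code);

        // The refresh token is a long-lived bearer credential, so its value is
        // drawn from the OS CSPRNG. Guid.NewGuid() only promises uniqueness,
        // not unpredictability. The bytes are still formatted as a GUID string
        // so length and shape match previously issued tokens.
        var randomBytes = new byte[16];
        using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
        {
            rng.GetBytes(randomBytes);
        }

        refreshToken = new Guid(randomBytes).ToString();
        isNewRefreshToken = true;
    }
    else
    {
        return BadRequest();
    }

    string tokenKey = _accountSettings.TokenKey;
    JWToken token = GenerateAccessToken(tokenKey);
    string serializedToken = JsonConvert.SerializeObject(token);

    // Persist a freshly minted refresh token only after the access token was
    // built, so a failure above does not leave an orphaned refresh token.
    if (isNewRefreshToken)
    {
        await _repository.AddRefreshToken(new Models.RefreshTokenModel
        {
            Application = "Alexa",
            Token = refreshToken
        });
    }

    var response = new
    {
        access_token = serializedToken,
        token_type = "example",
        expires_in = 3600,
        refresh_token = refreshToken
    };

    return Ok(response);
}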
/// <summary>
/// Builds a <see cref="JWToken"/> for the "Alexa" application with a 3600
/// lifetime value, then calls <c>GenerateSignature</c> on it with the key.
/// </summary>
/// <param name="key">Key handed to <c>JWToken.GenerateSignature</c>.</param>
/// <returns>The populated token after <c>GenerateSignature</c> has run.</returns>
private JWToken GenerateAccessToken(string key)
{
    var accessToken = new JWToken();

    // NOTE(review): DateTimeOffset.Now.ToString() is local-time and
    // culture-formatted; whoever validates the token must parse it under the
    // same culture. Confirm against the verifier before changing the format.
    accessToken.Timestamp = DateTimeOffset.Now.ToString();
    accessToken.ExpiresIn = 3600;
    accessToken.Application = "Alexa";

    // Presumably signs the fields set above; confirm in JWToken.
    accessToken.GenerateSignature(key);

    return accessToken;
}