Exemplo n.º 1
0
        //scenario 1 : get the access-token by username and password
        private async Task <IActionResult> DoPassword(TokenRequestParams parameters, IDENTITY_CLIENT client)
        {
            //validate the client_id/client_secret/username/password
            var user = await Context.USERS.FirstOrDefaultAsync(x => x.UserName == parameters.username);

            if (user == null)
            {
                return(BadRequest("Invalid user infomation."));
            }

            var passwordHasher             = new PasswordHasher <USER>();
            var passwordVerificationResult = passwordHasher.VerifyHashedPassword(user, user.PasswordHash, parameters.password);

            if (passwordVerificationResult == PasswordVerificationResult.Failed)
            {
                return(BadRequest("Invalid user infomation."));
            }

            var refresh_token = Guid.NewGuid().ToString().Replace("-", "");

            var rToken = new IDENTITY_REFRESH_TOKEN
            {
                CLIENT_ID                 = parameters.client_id,
                REFRESH_TOKEN             = refresh_token,
                IDENTITY_REFRESH_TOKEN_ID = Guid.NewGuid().ToString(),
                ISSUED_UTC                = DateTime.UtcNow,
                EXPIRES_UTC               = DateTime.UtcNow.AddDays(client.REFRESH_TOKEN_LIFE_TIME),
                IDENTITY = parameters.username
            };

            //store the refresh_token
            Context.IDENTITY_REFRESH_TOKENS.Add(rToken);

            await Context.SaveChangesAsync();

            return(Ok(GetJwt(parameters.client_id, refresh_token, user)));
        }
Exemplo n.º 2
0
        //scenario 2 : get the access_token by refresh_token
        private async Task <IActionResult> DoRefreshToken(TokenRequestParams parameters, IDENTITY_CLIENT client)
        {
            var token = await Context.IDENTITY_REFRESH_TOKENS.FirstOrDefaultAsync(x => x.REFRESH_TOKEN == parameters.refresh_token);

            if (token == null)
            {
                return(BadRequest("Token not found."));
            }

            if (token.IS_EXPIRED)
            {
                // Remove refresh token if expired
                Context.IDENTITY_REFRESH_TOKENS.Remove(token);
                await Context.SaveChangesAsync();

                return(BadRequest("Token has expired."));
            }

            var refresh_token = Guid.NewGuid().ToString().Replace("-", "");

            //remove the old refresh_token and add a new refresh_token
            Context.IDENTITY_REFRESH_TOKENS.Remove(token);

            Context.IDENTITY_REFRESH_TOKENS.Add(new IDENTITY_REFRESH_TOKEN
            {
                CLIENT_ID                 = parameters.client_id,
                REFRESH_TOKEN             = refresh_token,
                IDENTITY_REFRESH_TOKEN_ID = Guid.NewGuid().ToString(),
                ISSUED_UTC                = DateTime.UtcNow,
                EXPIRES_UTC               = DateTime.UtcNow.AddDays(client.REFRESH_TOKEN_LIFE_TIME),
                IDENTITY = token.IDENTITY
            });

            await Context.SaveChangesAsync();

            var user = await Context.USERS.SingleOrDefaultAsync(x => x.UserName == token.IDENTITY);

            if (user == null)
            {
                return(BadRequest("User not found."));
            }

            return(Ok(GetJwt(parameters.client_id, refresh_token, user)));
        }