private async Task <IAccount> RefreshAccessTokenAsync(IOwinEnvironment context, IClient client, string refreshTokenJwt)
{
// Attempt refresh grant against Stormpath
var request = OauthRequests.NewRefreshGrantRequest()
.SetRefreshToken(refreshTokenJwt)
.Build();
var application = await client.GetApplicationAsync(this.Configuration.Application.Href, context.CancellationToken);
var authenticator = application.NewRefreshGrantAuthenticator();
IOauthGrantAuthenticationResult grantResult = null;
try
{
grantResult = await authenticator.AuthenticateAsync(request, context.CancellationToken);
}
catch (InvalidJwtException jwex)
{
logger.Info($"Failed to authenticate the request due to a malformed or expired refresh token. Message: '{jwex.Message}'", nameof(RefreshAccessTokenAsync));
return(null);
}
catch (ResourceException rex)
{
logger.Warn(rex, "Failed to refresh an access_token given a refresh_token.");
return(null);
}
// Get a new access token
IAccessToken newAccessToken = null;
try
{
newAccessToken = await grantResult.GetAccessTokenAsync(context.CancellationToken);
}
catch (ResourceException rex)
{
logger.Error(rex, "Failed to get a new access token after receiving grant response.", nameof(RefreshAccessTokenAsync));
}
// Get the account details
IAccount account = null;
try
{
account = await GetExpandedAccountAsync(client, newAccessToken, context.CancellationToken);
}
catch (ResourceException rex)
{
logger.Error(rex, $"Failed to get account {newAccessToken.AccountHref}", nameof(RefreshAccessTokenAsync));
return(null);
}
logger.Trace("Access token refreshed using Refresh token. Adding cookies to response", nameof(RefreshAccessTokenAsync));
Cookies.AddTokenCookiesToResponse(context, client, grantResult, this.Configuration, logger);
return(account);
}
public object SanitizeResponseWithoutRefreshToken(IOauthGrantAuthenticationResult result)
{
return(new
{
access_token = result.AccessTokenString,
expires_in = result.ExpiresIn,
token_type = result.TokenType
});
}
private async Task <bool> LoginAndRedirectAsync(
IOwinEnvironment context,
IClient client,
IOauthGrantAuthenticationResult grantResult,
string nextPath,
CancellationToken cancellationToken)
{
var executor = new LoginExecutor(client, _configuration, _handlers, _logger);
await executor.HandlePostLoginAsync(context, grantResult, cancellationToken);
await executor.HandleRedirectAsync(context, nextPath);
return(true);
}
public async Task HandlePostLoginAsync(
IOwinEnvironment context,
IOauthGrantAuthenticationResult grantResult,
CancellationToken cancellationToken)
{
var accessToken = await grantResult.GetAccessTokenAsync(cancellationToken);
var account = await accessToken.GetAccountAsync(cancellationToken);
var postLoginHandlerContext = new PostLoginContext(context, account);
await _handlers.PostLoginHandler(postLoginHandlerContext, cancellationToken);
// Add Stormpath cookies
Cookies.AddTokenCookiesToResponse(context, _client, grantResult, _configuration, _logger);
}
private async Task <bool> LoginAndRedirectAsync(
IOwinEnvironment context,
IClient client,
IOauthGrantAuthenticationResult grantResult,
bool isNewAccount,
string nextPath,
CancellationToken cancellationToken)
{
var executor = new LoginExecutor(client, _configuration, _handlers, _logger);
await executor.HandlePostLoginAsync(context, grantResult, cancellationToken);
var defaultNextPath = isNewAccount
? _configuration.Web.Register.NextUri
: _configuration.Web.Login.NextUri;
return(await executor.HandleRedirectAsync(context, nextPath, defaultNextPath));
}
public static void AddTokenCookiesToResponse(IOwinEnvironment context, IClient client, IOauthGrantAuthenticationResult grantResult, StormpathConfiguration configuration, ILogger logger)
{
if (!string.IsNullOrEmpty(grantResult.AccessTokenString))
{
var expirationDate = client.NewJwtParser().Parse(grantResult.AccessTokenString).Body.Expiration;
SetTokenCookie(context, configuration.Web.AccessTokenCookie, grantResult.AccessTokenString, expirationDate, IsSecureRequest(context), logger);
}
if (!string.IsNullOrEmpty(grantResult.RefreshTokenString))
{
var expirationDate = client.NewJwtParser().Parse(grantResult.RefreshTokenString).Body.Expiration;
SetTokenCookie(context, configuration.Web.RefreshTokenCookie, grantResult.RefreshTokenString, expirationDate, IsSecureRequest(context), logger);
}
}
/// <summary> /// Synchronously retrieves the <see cref="IAccessToken">Access Token</see> created during the Create Grant Authentication operation. /// </summary> /// <param name="authenticationResult">The <see cref="IOauthGrantAuthenticationResult">Authentication Result</see>.</param> /// <returns>The <see cref="IAccessToken">Access Token</see>.</returns> public static IAccessToken GetAccessToken(this IOauthGrantAuthenticationResult authenticationResult) => (authenticationResult as IOauthGrantAuthenticationResultSync).GetAccessToken();
