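/// <summary>
/// Exchanges a refresh token for a new access token, loads the account the new
/// token belongs to, and writes the new token cookies to the response.
/// </summary>
/// <param name="context">The current OWIN environment; supplies the cancellation token and receives the cookies.</param>
/// <param name="client">The client used to look up the application and the account.</param>
/// <param name="refreshTokenJwt">The refresh token (JWT string) presented by the caller.</param>
/// <returns>
/// The account associated with the refreshed access token, or <c>null</c> when the
/// refresh grant is rejected, the new access token cannot be retrieved, or the
/// account lookup fails. No cookies are written on any of those failure paths.
/// </returns>
private async Task<IAccount> RefreshAccessTokenAsync(IOwinEnvironment context, IClient client, string refreshTokenJwt)
{
    // Attempt refresh grant against Stormpath
    var request = OauthRequests.NewRefreshGrantRequest()
        .SetRefreshToken(refreshTokenJwt)
        .Build();

    var application = await client.GetApplicationAsync(this.Configuration.Application.Href, context.CancellationToken);
    var authenticator = application.NewRefreshGrantAuthenticator();

    IOauthGrantAuthenticationResult grantResult = null;
    try
    {
        grantResult = await authenticator.AuthenticateAsync(request, context.CancellationToken);
    }
    catch (InvalidJwtException jwex)
    {
        // A malformed or expired refresh token is an expected condition, so it is logged at Info.
        logger.Info($"Failed to authenticate the request due to a malformed or expired refresh token. Message: '{jwex.Message}'", nameof(RefreshAccessTokenAsync));
        return null;
    }
    catch (ResourceException rex)
    {
        logger.Warn(rex, "Failed to refresh an access_token given a refresh_token.");
        return null;
    }

    // Get a new access token
    IAccessToken newAccessToken = null;
    try
    {
        newAccessToken = await grantResult.GetAccessTokenAsync(context.CancellationToken);
    }
    catch (ResourceException rex)
    {
        logger.Error(rex, "Failed to get a new access token after receiving grant response.", nameof(RefreshAccessTokenAsync));

        // Fail closed: without this return the method would continue with a null
        // token, pass it to the account lookup and dereference it in the error
        // message below, instead of reporting "not authenticated" like the other
        // failure paths do.
        return null;
    }

    // Get the account details
    IAccount account = null;
    try
    {
        account = await GetExpandedAccountAsync(client, newAccessToken, context.CancellationToken);
    }
    catch (ResourceException rex)
    {
        logger.Error(rex, $"Failed to get account {newAccessToken.AccountHref}", nameof(RefreshAccessTokenAsync));
        return null;
    }

    // Cookies are only issued once the grant, the access token and the account
    // have all been obtained.
    logger.Trace("Access token refreshed using Refresh token. Adding cookies to response", nameof(RefreshAccessTokenAsync));
    Cookies.AddTokenCookiesToResponse(context, client, grantResult, this.Configuration, logger);

    return account;
}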
/// <summary>
/// Runs the configured post-login handler for the account behind a successful
/// grant, then writes the token cookies for that grant to the response.
/// </summary>
/// <param name="context">The current OWIN environment; passed to the handler context and to the cookie writer.</param>
/// <param name="grantResult">The grant result whose access token identifies the account and whose tokens are written as cookies.</param>
/// <param name="cancellationToken">Token forwarded to every awaited call.</param>
/// <returns>A task that completes once the handler has run and the cookies have been added.</returns>
public async Task HandlePostLoginAsync(
    IOwinEnvironment context,
    IOauthGrantAuthenticationResult grantResult,
    CancellationToken cancellationToken)
{
    // Resolve the account that the freshly granted access token belongs to.
    var token = await grantResult.GetAccessTokenAsync(cancellationToken);
    var loggedInAccount = await token.GetAccountAsync(cancellationToken);

    // The handler is awaited before any cookie is written, so an exception
    // thrown by it leaves the response without token cookies.
    var handlerContext = new PostLoginContext(context, loggedInAccount);
    await _handlers.PostLoginHandler(handlerContext, cancellationToken);

    // Add Stormpath cookies
    Cookies.AddTokenCookiesToResponse(context, _client, grantResult, _configuration, _logger);
}