Exemplo n.º 1
0
        public async Task <TokensCortage> Login(string email, string password)
        {
            var user = await _userManager.FindByNameAsync(email);

            if (user == null)
            {
                throw new AuthenticationException();
            }

            var checkResult = await _userManager.CheckPasswordAsync(user, password);

            if (!checkResult)
            {
                throw new AuthenticationException();
            }

            var refreshToken = _tokenGenerator.GenerateRefreshToken();
            await _tokenService.AddRefreshToken(refreshToken, user);

            return(new TokensCortage()
            {
                Token = _tokenGenerator.GenerateAccessToken(user),
                RefreshToken = refreshToken
            });
        }
        public TokenDTO ValidateCredentials(UserDTO userDTO)
        {
            string encryptesdPassword = ComputeHash(userDTO.password, new SHA256CryptoServiceProvider());

            var user = _userRepository.GetAll()
                       .Where(u => u.Email.Equals(userDTO.email) && u.Password == encryptesdPassword)
                       .FirstOrDefault();

            if (user == null)
            {
                return(null);
            }

            var claims = new List <Claim>
            {
                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString("N")),
                new Claim(JwtRegisteredClaimNames.UniqueName, user.Email)
            };

            var accessToken  = _tokenService.GenerateAccessToken(claims);
            var refreshToken = _tokenService.GenerateRefreshToken();

            user.RefreshToken           = refreshToken;
            user.RefreshTokenExpiryDate = DateTime.Now.AddDays(_configuration.DaysToExpiry);

            _userRepository.Update(user);

            DateTime createDate     = DateTime.Now;
            DateTime expirationDate = createDate.AddMinutes(_configuration.Minutes);

            return(new TokenDTO(
                       true,
                       createDate.ToString(DATE_FORMAT),
                       expirationDate.ToString(DATE_FORMAT),
                       accessToken,
                       refreshToken
                       ));
        }
Exemplo n.º 3
0
        public async Task <TokensCortage> RefreshToken(string token, string refreshToken)
        {
            var principal  = GetPrincipalFromExpiredToken(token);
            var userId     = principal.GetUserId();
            var savedToken = await _context.RefreshTokens.ByUser(userId).FirstAsync();

            if (savedToken == null || savedToken.Token != refreshToken)
            {
                throw new SecurityTokenException("Invalid refresh token");
            }

            var newToken        = _tokenGenerator.GenerateAccessToken(principal.Claims);
            var newRefreshToken = _tokenGenerator.GenerateRefreshToken();

            await UpdateRefreshToken(userId, newRefreshToken);

            return(new TokensCortage()
            {
                Token = newToken, RefreshToken = newRefreshToken
            });
        }
        public async Task <IActionResult> TokenAsync(
            string grant_type,
            string code,
            string redirect_uri,
            string client_id,
            string code_verifier,
            string client_secret
            )
        {
            var clientid     = Guid.Parse(client_id);
            var clientsecret = Guid.Parse(client_secret);
            var client       = await dataContext.OAuthClients.Where(x => x.ClientId == clientid &&
                                                                    x.ClientSecret == clientsecret).AsNoTracking().FirstOrDefaultAsync();

            if (client is not null)
            {
                var user = await dataContext.Users.Where(x => x.UserName == StaticData.CurrentUserName).AsNoTracking().FirstOrDefaultAsync();

                var access_token = await tokenGenerator.GenerateAccessToken(user);

                var refresh_token  = tokenGenerator.GenerateRefreshToken(user);
                var responseObject = new
                {
                    access_token,
                    refresh_token,
                    token_type = "bearer"
                };
                var responseJson  = JsonConvert.SerializeObject(responseObject);
                var responseBytes = Encoding.UTF8.GetBytes(responseJson);

                await Response.Body.WriteAsync(responseBytes, 0, responseBytes.Length);

                return(Redirect(redirect_uri));
            }
            return(View());
        }