/// <inheritdoc/>
public async Task ValidateToken(IdentityTokenModel token)
{
if (token?.Identity == null)
{
throw new UnauthorizedAccessException();
}
var originalKey = await _distributedCache.GetStringAsync(token.Identity);
if (originalKey == token.Key)
{
return;
}
var currentToken = await _identityTokenRetriever.GetIdentityTokenAsync(token.Identity);
await _distributedCache.SetStringAsync(token.Identity, currentToken.Key,
new DistributedCacheEntryOptions {
AbsoluteExpiration = currentToken.Expires
});
if (currentToken.Expires != token.Expires ||
currentToken.Expires < DateTime.UtcNow ||
currentToken.Key != token.Key)
{
throw new UnauthorizedAccessException();
}
}
/// <summary>
/// Create endpoint access string
/// </summary>
/// <param name="token"></param>
/// <returns></returns>
public static ConnectionString CreateFromAccessToken(IdentityTokenModel token)
{
var connectionString = new ConnectionString();
connectionString._items[Id.Expires] = token.Expires.ToBinary().ToString();
connectionString._items[Id.Endpoint] = token.Identity;
connectionString._items[Id.AccessKey] = token.Key;
return(connectionString);
}
/// <summary>
/// Create twin model
/// </summary>
/// <param name="model"></param>
public IdentityTokenApiModel(IdentityTokenModel model)
{
Identity = model?.Identity;
Key = model?.Key;
Expires = model?.Expires ?? DateTime.MinValue;
}
