public virtual async Task<IActionResult> LoginRefreshAsync([FromBody][Required] LoginRefresh loginRefresh, CancellationToken cancellationToken = default)
{
    var accessToken = await this.IdentityManager
        .SignInRefreshAsync(loginRefresh, cancellationToken);

    return this.Ok(accessToken);
}

public virtual async Task<IActionResult> LoginRefreshAsync([FromBody][Required] LoginRefresh loginRefresh, CancellationToken cancellationToken = default)
{
    var jwtToken = this.HttpContext.GetJwtToken();

    var accessToken = await this.IdentityManager
        .SignInRefreshAsync(jwtToken, loginRefresh.RefreshToken, cancellationToken);

    return this.Ok(accessToken);
}

public async Task<IActionResult> RefreshAsync([FromServices] IAuthAppService authAppService, [FromForm] LoginRefresh loginRefresh)
{
    // Note: the third argument is the address family name (e.g. "InterNetwork"),
    // not the client IP address itself.
    var token = await authAppService.RefreshAsync(
        loginRefresh.Key,
        loginRefresh.UId,
        Request.HttpContext.Connection.RemoteIpAddress.AddressFamily.ToString());

    return Ok(token);
}

/// <summary>
/// Refresh the login of a user.
/// </summary>
/// <param name="loginRefresh">The <see cref="LoginRefresh"/>.</param>
/// <param name="cancellationToken">The <see cref="CancellationToken"/>.</param>
/// <returns>The <see cref="AccessToken"/>.</returns>
public virtual async Task<AccessToken> SignInRefreshAsync(LoginRefresh loginRefresh, CancellationToken cancellationToken = default)
{
    if (loginRefresh == null)
    {
        throw new ArgumentNullException(nameof(loginRefresh));
    }

    try
    {
        // Lifetime validation is disabled so that an expired access token can still
        // identify the user; issuer, audience and signature are still validated.
        var validationParameters = new TokenValidationParameters
        {
            ValidateIssuer = true,
            ValidateAudience = true,
            ValidateLifetime = false,
            ValidateIssuerSigningKey = true,
            ValidIssuer = this.Options.Jwt.Issuer,
            ValidAudience = this.Options.Jwt.Audience,
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(this.Options.Jwt.SecretKey)),
            ClockSkew = TimeSpan.FromMinutes(5)
        };

        // Read the (possibly expired) access token from the Authorization header.
        var authorizationHeader = this.SignInManager.Context.Request.Headers["Authorization"].FirstOrDefault();
        var accessToken = authorizationHeader?.Replace("Bearer ", string.Empty);
        if (accessToken == null)
        {
            throw new NullReferenceException(nameof(accessToken));
        }

        var principal = new JwtSecurityTokenHandler()
            .ValidateToken(accessToken, validationParameters, out var securityToken);

        // Accept only JWTs signed with HMAC-SHA256.
        if (!(securityToken is JwtSecurityToken jwtSecurityToken) ||
            !jwtSecurityToken.Header.Alg.Equals(SecurityAlgorithms.HmacSha256, StringComparison.InvariantCultureIgnoreCase))
        {
            throw new InvalidOperationException();
        }

        var identityUser = await this.UserManager
            .FindByNameAsync(principal.Identity.Name);

        var appClaim = principal.Claims.FirstOrDefault(x => x.Type == ClaimTypesExtended.AppId);
        if (appClaim == null)
        {
            throw new NullReferenceException(nameof(appClaim));
        }

        // Look up the refresh token stored for this user and application.
        var identityUserToken = this.DbContext
            .Set<IdentityUserTokenExpiry<string>>()
            .Where(x => x.UserId == identityUser.Id && x.Name == appClaim.Value)
            .AsNoTracking()
            .FirstOrDefault();

        if (identityUserToken == null)
        {
            throw new NullReferenceException(nameof(identityUserToken));
        }

        // The presented refresh token must match the stored one and must not be expired.
        if (identityUserToken.Value != loginRefresh.RefreshToken)
        {
            throw new InvalidOperationException("identityUserToken.Value != loginRefresh.RefreshToken");
        }

        if (identityUserToken.ExpireAt <= DateTimeOffset.UtcNow)
        {
            throw new InvalidOperationException("identityUserToken.ExpireAt <= DateTimeOffset.UtcNow");
        }

        return await this.GenerateJwtToken(identityUser, identityUserToken.Name);
    }
    catch (Exception ex)
    {
        // Every failure is logged and surfaced to the caller as a generic unauthorized error.
        this.UserManager.Logger.LogWarning(ex, ex.Message);

        throw new UnauthorizedException();
    }
}