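        /// <summary>
        /// Exchanges a presented refresh token for a freshly minted token pair.
        /// </summary>
        /// <param name="cred">Credentials whose <c>Refresh_token</c> is the token being exchanged.</param>
        /// <returns>
        /// A new token when the presented refresh token exists, has not expired and still maps to a
        /// user; otherwise <c>null</c>. An expired refresh token is deleted before <c>null</c> is returned.
        /// </returns>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="cred"/> is null.</exception>
        public async Task <Models.Token> GetRefreshToken(Models.AccessCred cred)
        {
            if (cred == null)
            {
                throw new ArgumentNullException(nameof(cred));
            }

            // A missing/blank token can never match a stored one; fail closed without a lookup.
            if (string.IsNullOrEmpty(cred.Refresh_token))
            {
                return null;
            }

            // Look up the stored refresh token by its presented value.
            Models.RefreshToken refT = await GetRefToken(cred.Refresh_token);
            if (refT == null)
            {
                return null;
            }

            // Expiry check. DateExpires is written with DateTime.Now by the sibling CreateToken in
            // this listing, so the comparison deliberately stays on the same (local) clock; moving
            // only one side to UTC would skew every stored expiry by the local offset.
            if (DateTime.Compare(refT.DateExpires, DateTime.Now) <= 0)
            {
                // Expired: remove it so it cannot be presented again, then refuse.
                await DeleteRefreshToken(cred.Refresh_token);
                return null;
            }

            // The token may outlive its owner; a null user would otherwise dereference below.
            Models.User user = GetUser(refT.UserId);
            if (user == null)
            {
                return null;
            }

            // CreateToken deletes the old refresh token (rotation) before storing the new one.
            return await CreateToken(user.UserId, user.RoleId, cred.Refresh_token);
        }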
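        /// <summary>
        /// Persists a refresh token for a user, replacing any token(s) that user already has so that
        /// at most one refresh token per user is valid at a time.
        /// </summary>
        /// <param name="refreshToken">The token to store; its <c>UserId</c> selects the rows to replace.</param>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="refreshToken"/> is null.</exception>
        public void SaveRefreshToken(Models.RefreshToken refreshToken)
        {
            if (refreshToken == null)
            {
                throw new ArgumentNullException(nameof(refreshToken));
            }

            // Remove every existing row for this user, not just one: SingleOrDefault would throw
            // (and leave the user unable to refresh) if duplicate rows ever crept in.
            var stale = _context.RefreshTokens
                .Where(t => t.UserId == refreshToken.UserId)
                .ToList();
            foreach (var old in stale)
            {
                _context.RefreshTokens.Remove(old);
            }

            _context.RefreshTokens.Add(refreshToken);

            // A single SaveChanges commits removal and insert together; if the write fails the
            // previous token stays in place instead of the user being left with none.
            _context.SaveChanges();
        }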
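        /// <summary>
        /// OWIN refresh-token provider hook: mints an opaque refresh token for the authenticated
        /// ticket, stores its hash together with the protected ticket via <c>AuthRepository</c>, and
        /// hands the raw token to the middleware with <c>context.SetToken</c>.
        /// </summary>
        /// <param name="context">
        /// Token-creation context; must carry <c>as:client_id</c> in the ticket properties and
        /// <c>as:clientRefreshTokenLifeTime</c> (minutes, as a string) in the OWIN environment.
        /// </param>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="context"/> is null.</exception>
        /// <remarks>
        /// Fails closed: if the client id or lifetime is missing or invalid, or the repository write
        /// reports failure, no token is issued.
        /// </remarks>
        public async Task CreateAsync(AuthenticationTokenCreateContext context)
        {
            if (context == null)
            {
                throw new ArgumentNullException(nameof(context));
            }

            // TryGetValue rather than the indexer: a ticket without the key must not throw KeyNotFoundException.
            string clientid;
            if (!context.Ticket.Properties.Dictionary.TryGetValue("as:client_id", out clientid) ||
                string.IsNullOrEmpty(clientid))
            {
                return;
            }

            // Parse the lifetime with the invariant culture so the server locale cannot change the
            // result; an unparsable or non-positive value is refused instead of producing a token
            // that is already expired (or that never expires).
            var refreshTokenLifeTime = context.OwinContext.Get <string>("as:clientRefreshTokenLifeTime");
            double lifetimeMinutes;
            if (!double.TryParse(refreshTokenLifeTime,
                                 System.Globalization.NumberStyles.Float,
                                 System.Globalization.CultureInfo.InvariantCulture,
                                 out lifetimeMinutes) ||
                lifetimeMinutes <= 0)
            {
                return;
            }

            // The refresh token is a bearer secret, so it must come from a CSPRNG. Guid.NewGuid()
            // is not documented as cryptographically strong; 256 random bits are.
            var refreshTokenId = NewRefreshTokenId();

            using (var repo = new AuthRepository())
            {
                var issued = DateTime.UtcNow;

                var token = new Models.RefreshToken()
                {
                    Id         = Helper.GetHash(refreshTokenId), // only the hash is persisted; the raw value goes to the client
                    ClientId   = clientid,
                    Subject    = context.Ticket.Identity.Name,
                    IssuedUtc  = issued,
                    ExpiresUtc = issued.AddMinutes(lifetimeMinutes)
                };

                context.Ticket.Properties.IssuedUtc  = token.IssuedUtc;
                context.Ticket.Properties.ExpiresUtc = token.ExpiresUtc;

                token.ProtectedTicket = context.SerializeTicket();

                var result = await repo.AddRefreshToken(token);

                if (result)
                {
                    context.SetToken(refreshTokenId);
                }
            }
        }

        /// <summary>Returns 256 bits from the platform CSPRNG encoded as 64 lowercase hex characters.</summary>
        private static string NewRefreshTokenId()
        {
            var bytes = new byte[32];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(bytes);
            }
            return BitConverter.ToString(bytes).Replace("-", string.Empty).ToLowerInvariant();
        }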
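        /// <summary>
        /// Mints a new access/refresh token pair for a user, purges that user's expired refresh
        /// tokens, revokes the refresh token being rotated (if any) and persists the new one.
        /// </summary>
        /// <param name="userID">Owner of the token.</param>
        /// <param name="roleId">Role passed to <c>JwtHandler.CreateToken</c>.</param>
        /// <param name="refTokenOld">The refresh token being exchanged; null or empty when there is none to revoke.</param>
        /// <returns>The new token pair; its refresh-token value is also stored with a 30-day expiry.</returns>
        private async Task <Models.Token> CreateToken(int userID, int roleId, string refTokenOld)
        {
            // Issue the JWT first; nothing below touches the store unless there is a token to persist.
            Services.JwtHandler jwt = new Services.JwtHandler();
            Models.Token token = jwt.CreateToken(userID, roleId);

            // Housekeeping: drop this user's expired refresh tokens.
            await ClearTokenExpired(userID);

            // Rotation: the presented refresh token is single-use. IsNullOrEmpty instead of
            // .Length so a null argument does not throw before the new token is stored.
            if (!string.IsNullOrEmpty(refTokenOld))
            {
                await DeleteRefreshToken(refTokenOld);
            }

            // Persist the new refresh token. Timestamps are local time (DateTime.Now) to match the
            // expiry comparison in GetRefreshToken in this listing; a move to UTC must change both.
            // NOTE(review): the refresh-token value appears to be stored as-is; if it is the bearer
            // secret itself, storing a hash would limit the damage of a database read — confirm.
            DateTime issued = DateTime.Now;
            Models.RefreshToken refT = new Models.RefreshToken
            {
                DateIssued    = issued,
                DateExpires   = issued.AddDays(30), // 1 month
                Refresh_token = token.Refresh_token,
                UserId        = userID
            };

            await SaveRefreshToken(refT);

            return token;
        }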
 /// <summary>
 /// Marks a refresh token for removal from the backing set. This method does not call
 /// <c>SaveChanges</c>; the owning unit of work must do so for the revocation to be persisted.
 /// </summary>
 /// <param name="refreshToken">The token entity to remove.</param>
 public void RevokeRefreshToken(Models.RefreshToken refreshToken) => _context.RefreshTokens.Remove(refreshToken);
 /// <summary>
 /// Inserts one refresh-token row into <c>Web_RefreshToken</c>. The statement is parameterized
 /// (values are bound from the <paramref name="refT"/> members by name), so no token text is
 /// ever concatenated into SQL.
 /// </summary>
 /// <param name="refT">Row to insert: <c>UserId</c>, <c>Refresh_Token</c>, <c>DateIssued</c>, <c>DateExpires</c>.</param>
 private async Task SaveRefreshToken(Models.RefreshToken refT)
 {
     const string insertSql =
         "INSERT INTO Web_RefreshToken(UserId, Refresh_Token, DateIssued, DateExpires) " +
         "VALUES(@UserId, @Refresh_Token, @DateIssued, @DateExpires)";

     await Db.ExecuteAsync(insertSql, refT);
 }
        // overload method
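        /// <summary>
        /// Refresh-token exchange (overload): validates the presented refresh token for
        /// <paramref name="userName"/>, issues a new JWT, revokes the presented refresh token and
        /// stores its replacement.
        /// </summary>
        /// <param name="userName">Account the refresh token must belong to.</param>
        /// <param name="claims">Claims handed to <c>GenerateJwtToken</c> for the new JWT.</param>
        /// <param name="ipAddress">Caller address recorded on the revoked and the new token.</param>
        /// <param name="refreshCred">Carries the presented refresh token.</param>
        /// <returns>
        /// The new JWT and refresh token, or <c>null</c> when the credential is missing, the user is
        /// unknown, the token is not one of that user's, or it is already revoked or expired.
        /// </returns>
        public AuthenticateResponse Authenticate(string userName, Claim[] claims, string ipAddress, RefreshCred refreshCred)
        {
            // Fail closed on a missing credential instead of dereferencing it below.
            if (refreshCred == null || string.IsNullOrWhiteSpace(refreshCred.RefreshToken))
            {
                return null;
            }

            var user = _userBs.GetAll().SingleOrDefault(x => x.Username == userName);
            if (user == null)
            {
                return null;
            }

            // Find the presented token among this user's tokens. Ordinal comparison: token values
            // are opaque identifiers, not culture-sensitive text. SingleOrDefault (not Single) so
            // an unknown token yields null instead of an unhandled InvalidOperationException.
            var presented = refreshCred.RefreshToken.Trim();
            var refreshToken = user.RefreshTokens.SingleOrDefault(
                x => x.Token != null && string.Equals(x.Token.Trim(), presented, StringComparison.Ordinal));
            if (refreshToken == null)
            {
                return null;
            }

            // Reject revoked or expired tokens. Without this check a refresh token that was already
            // rotated (for example one captured before the legitimate client used it) could keep
            // minting credentials. IsActive is the stored flag this method clears on rotation; the
            // Expires comparison covers tokens that simply aged out.
            if (!refreshToken.IsActive || refreshToken.Expires <= DateTime.UtcNow)
            {
                return null;
            }

            // NOTE(review): Password is copied into the model that is placed in the response;
            // whether it reaches the wire depends on AuthenticateResponse and serialization —
            // confirm it is excluded there, or stop copying it here.
            var Usermodal = new WebApi.Models.User()
            {
                Username  = user.Username,
                Id        = user.Id,
                Password  = user.Password,
                FirstName = user.FirstName,
                LastName  = user.LastName
            };

            // Mint the JWT only after the refresh token has been validated, and before the store is
            // touched, so a failure here leaves the presented token untouched.
            var token = GenerateJwtToken(Usermodal, claims);

            // Rotation: revoke the presented token, link it to its replacement, store the new one.
            var newrefreshToken = refreshTokenGenerator.generateRefreshToken(ipAddress);

            _session.SetString(user.Username, newrefreshToken.Token);

            refreshToken.Revoked         = DateTime.UtcNow;
            refreshToken.RevokedByIp     = ipAddress;
            refreshToken.ReplacedByToken = newrefreshToken.Token;
            refreshToken.IsActive        = false;

            user.RefreshTokens.Add(new DAL.Models.RefreshToken()
            {
                Token           = newrefreshToken.Token,
                Expires         = newrefreshToken.Expires,
                IsExpired       = newrefreshToken.IsExpired,
                Created         = newrefreshToken.Created,
                CreatedByIp     = newrefreshToken.CreatedByIp,
                Revoked         = newrefreshToken.Revoked,
                RevokedByIp     = newrefreshToken.RevokedByIp,
                ReplacedByToken = newrefreshToken.ReplacedByToken,
                IsActive        = newrefreshToken.IsActive,
                UserId          = user.Id
            });

            // NOTE(review): Update's result is not inspected (as before); if it can report failure,
            // the revocation above exists only in memory — confirm the contract with the caller.
            _userBs.Update(user);

            return new AuthenticateResponse(Usermodal, token, newrefreshToken.Token);
        }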