public async Task <IActionResult> Refresh([FromBody] RefreshRequestModel refreshRequest)
{
var principal = AccessTokenService.GetPrincipalFromExpiredToken(refreshRequest.Token);
var userId = principal.Identity.Name;
var savedRefreshToken = await AccessTokenService.GetRefreshTokenAsync(userId);
if (savedRefreshToken != refreshRequest.RefreshToken)
{
return(BadRequest("Invalid refresh token"));
}
string newJwtToken = null;
string newRefreshToken = null;
try
{
newJwtToken = AccessTokenService.GenerateAccessToken(userId);
newRefreshToken = AccessTokenService.GenerateRefreshToken();
await AccessTokenService.DeleteRefreshTokenAsync(userId, refreshRequest.RefreshToken);
await AccessTokenService.SaveRefreshTokenAsync(userId, newRefreshToken);
}
catch (Exception e)
{
Logger.LogError(e, e.Message);
return(StatusCode(500));
}
return(Ok(new
{
token = newJwtToken,
refreshToken = newRefreshToken
}));
}
public IActionResult AddRereshRequest([FromBody] NewRequestModel newRequest)
{
var newRequestId = Guid.NewGuid().ToString();
var user = WindowsIdentity.GetCurrent().Name;
var dbs = new List <DatabaseLogModel>();
for (var i = 0; i < newRequest.DatabaseNames.Length; i++)
{
var db = new DatabaseLogModel()
{
RefreshRequstId = newRequestId,
DatabaseName = newRequest.DatabaseNames[i]
};
dbs.Add(db);
}
var request = new RefreshRequestModel()
{
Id = newRequestId,
Environment = newRequest.Environment,
Status = "Initiated",
Requestor = user,
ScheduleDate = DateTime.Now,
ScheduledBy = user,
Databases = dbs
};
_context.RefreshRequests.Add(request);
_context.SaveChanges();
return(Ok(request));
}
public async Task <IActionResult> Refresh(RefreshRequestModel refreshTokenModel)
{
var principal = GetPrincipalFromExpiredToken(refreshTokenModel.token);
var username = principal.Identity.Name;
var savedRefreshToken = _repo.GetRefreshToken(username).Result; //retrieve the refresh token from a data store
if (savedRefreshToken.Token != refreshTokenModel.refreshToken)
{
await _repo.RemoveRefreshToken(username, refreshTokenModel.refreshToken);
throw new SecurityTokenException("Invalid refresh token");
}
if (DateTime.UtcNow > savedRefreshToken.RefreshTokenExpiration)
{
await _repo.RemoveRefreshToken(username, refreshTokenModel.refreshToken);
throw new SecurityTokenException("Invalid token!");
}
var newJwtToken = GenerateAccessToken(principal.Claims);
var newRefreshToken = GenerateRefreshTokenModel();
//_repo.RemoveRefreshToken(username, refreshTokenModel.refreshToken);
await _repo.SaveRefreshToken(username, newRefreshToken);
return(Ok(new
{
token = newJwtToken,
refreshToken = newRefreshToken
}));
}
public IActionResult Refresh([FromBody] RefreshRequestModel model)
{
IActionResult response = Unauthorized();
var user = this.ReAuthenticate(model.RefreshToken, out var isReAuthenticated);
if (isReAuthenticated && user != null)
{
// JWT生成
var tokenSet = this.CreateTokenSet(user);
response = Ok(tokenSet);
}
return(response);
}
public async Task <AuthResultModel> RefreshUserToken(RefreshRequestModel refreshRequest)
{
var tokenValidationParameters = new TokenValidationParameters
{
ValidateAudience = false,
ValidateIssuer = false,
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["App:Auth:Key"])),
ValidateLifetime = false
};
var tokenHandler = new JwtSecurityTokenHandler();
var principal = tokenHandler.ValidateToken(refreshRequest.Token, tokenValidationParameters, out var securityToken);
if (!(securityToken is JwtSecurityToken jwtSecurityToken) || !jwtSecurityToken.Header.Alg.Equals(SecurityAlgorithms.HmacSha256, StringComparison.InvariantCultureIgnoreCase))
{
throw new BadRequestException("Invalid token");
}
var userId = Guid.Parse(principal.FindFirstValue(ClaimTypes.NameIdentifier));
var user = await _userManager.Users.Include(u => u.UserRoles).ThenInclude(ur => ur.Role)
.FirstOrDefaultAsync(u => u.Id == userId);
if (user == null)
{
throw new BadRequestException("Invalid token");
}
user.RefreshToken = GenerateRefreshToken();
await _userManager.UpdateAsync(user);
var roles = user.UserRoles?.Select(_ => _.Role.Name).ToList();
var userPermissions = user.UserRoles?.SelectMany(_ => _.Role.Permissions.Split(",")).ToList();
var resultModel = new AuthResultModel
{
Token = await GenerateUserToken(user),
Expire = DateTime.UtcNow.AddDays(7),
UserId = user.Id,
RefreshToken = user.RefreshToken,
Roles = roles,
Permissions = userPermissions
};
return(resultModel);
}
public async Task TokenRefreshes()
{
var username = "******";
var password = "******";
var authResult = await SignUpUser(username, password);
var refreshModel = new RefreshRequestModel
{
Token = authResult.Token,
RefreshToken = authResult.RefreshToken
};
var refreshResponse = await PostModel <AuthResultModel, RefreshRequestModel>("/api/v1/auth/refresh", refreshModel);
AssertSuccesDataResponse(refreshResponse);
refreshResponse.Data.Token.Should().NotBeNullOrEmpty();
refreshResponse.Data.RefreshToken.Should().NotBeNullOrEmpty();
refreshResponse.Data.UserId.Should().NotBeEmpty();
}
public async Task <IActionResult> Refresh([FromBody] RefreshRequestModel model)
{
RefreshResponseModel result = await _authService.UpdateRefreshTokenAsync(model);
return(Ok(result));
}
public async Task <BaseResponse <AuthResultModel> > Refresh(RefreshRequestModel model) => await PrepareResponse(_authService.RefreshUserToken, model);
public async Task <RefreshResponseModel> UpdateRefreshTokenAsync(RefreshRequestModel model)
{
return(await _sessionService.UpdateAsync(model.RefreshToken));
}
