public bool IsValidAccessToken(Guid accessTokenId, string[] accessGroup)
{
base.Logger.DebugFormat("Test access token {0} date", accessTokenId);
// test if token is valid
ICollection <TakeDocModel.AccessToken> accessTokens = daoAccessToken.GetBy(x => x.Id == accessTokenId &&
x.DateStartUTC <= System.DateTime.UtcNow &&
System.DateTime.UtcNow <= x.DateEndUTC);
if (accessTokens.Count() > 1)
{
return(false);
}
if (accessTokens.Count() <= 0)
{
return(false);
}
base.Logger.DebugFormat("Test access token {0} has valid date", accessTokenId);
base.Logger.DebugFormat("Test access token {0} group", accessTokenId);
if (accessGroup.Count() == 1 && accessGroup[0] == string.Empty)
{
return(true);
}
TakeDocModel.AccessToken current = accessTokens.First();
TakeDocModel.UserTk user = daoUserTk.GetBy(x => x.UserTkId == current.ClientId, x => x.GroupTk).First();
if (accessGroup.Contains(user.GroupTk.GroupTkReference) == false)
{
base.Logger.DebugFormat("no access for {0} token because is invalid group access", accessTokenId);
return(false);
}
base.Logger.DebugFormat("Test access token {0} group is valid", accessTokenId);
return(true);
}
private TakeDocModel.AccessToken GetNewAccessToken(Guid clientId, Guid tokenId, Guid roleId, Guid refreshTokenId, string source)
{
int durationAccess = Convert.ToInt32(daoParameter.GetBy(x => x.ParameterReference == "ACCESS_TOKEN_DURATION").First().ParameterValue);
TakeDocModel.AccessToken access = new TakeDocModel.AccessToken();
access.Id = tokenId;
access.ClientId = clientId;
access.DateStartUTC = System.DateTime.UtcNow;
access.DateEndUTC = System.DateTime.UtcNow.AddSeconds(durationAccess);
access.Source = source;
access.Role = roleId;
access.RefreshTokenId = refreshTokenId;
daoAccessToken.Context.SaveChanges();
daoAccessToken.Context.AccessToken.Add(access);
daoRefreshToken.Context.SaveChanges();
return(access);
}
public HttpResponseMessage CreateAccessToken(Guid refreshTokenId)
{
TakeDocService.Security.Interface.ITokenService token = Utility.MyUnityHelper.UnityHelper.Resolve <TakeDocService.Security.Interface.ITokenService>();
try
{
TakeDocModel.AccessToken access = token.GetAccessToken(refreshTokenId);
var back = new
{
AccessToken = access.Id,
AccessTokenTicks = access.DateEndUTC.Value.Ticks
};
return(Request.CreateResponse(back));
}
catch (Exception ex)
{
return(Request.CreateResponse(HttpStatusCode.InternalServerError, ex.Message));
}
}
