public async Task <IActionResult> RefreshToken([FromBody] RefreshTokenRequest request)
        {
            ClaimsPrincipal validatedToken = _tokenService.IsTokenAuthentic(request.Token);

            if (validatedToken == null)
            {
                return(BadRequest(new ErrorResponse {
                    Message = "This token has been tampered with."
                }));
            }

            RefreshToken refreshToken = await _tokenService.CanTokenBeRefreshedAsync(validatedToken, request.RefreshToken);

            if (refreshToken == null)
            {
                return(BadRequest(new ErrorResponse {
                    Message = "Invalid Token, cannot refresh."
                }));
            }

            string organisationID = ClaimHelper.GetNamedClaim(validatedToken, "OrganisationID");

            var transaction = _unitOfWork.RefreshTokenRepository.BeginTransaction();

            RefreshTokenResponse refreshTokenResponse = await _tokenService.RefreshTokenAsync(validatedToken, refreshToken, organisationID);

            transaction.Commit();

            return(Ok(new Response <RefreshTokenResponse>(refreshTokenResponse)));
        }
Пример #2
0
        public static string GetOrganisationID(this HttpContext httpContext)
        {
            ClaimsPrincipal user = httpContext.User;

            if (user == null)
            {
                return(String.Empty);
            }

            return(ClaimHelper.GetNamedClaim(user, "OrganisationID"));
        }
Пример #3
0
        public async Task <RefreshTokenResponse> RefreshTokenAsync(ClaimsPrincipal validatedToken, RefreshToken storedRefreshToken, string organisationID)
        {
            storedRefreshToken.Used = true;
            _unitOfWork.RefreshTokenRepository.Update(storedRefreshToken);
            await _unitOfWork.CompleteAsync();

            string userID = ClaimHelper.GetNamedClaim(validatedToken, "ID");

            User user = await _unitOfWork.UserRepository.GetWithDetailsAsync(userID, organisationID);

            Dictionary <string, string> tokens = await GetTokensAsync(user);

            tokens.TryGetValue("SecurityToken", out string securityToken);
            tokens.TryGetValue("RefreshToken", out string newRefreshToken);

            return(new RefreshTokenResponse
            {
                Email = user.Email,
                Token = securityToken,
                RefreshToken = newRefreshToken,
            });
        }