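/// <summary>
/// Exchanges an access token plus its refresh token for a freshly issued pair (refresh-token rotation).
/// </summary>
/// <param name="request">Body carrying the access token (<c>Token</c>) and the refresh token to redeem.</param>
/// <returns>
/// 200 with a <see cref="RefreshTokenResponse"/> on success; 400 with an <see cref="ErrorResponse"/> when the
/// body is missing, the access token's signature does not verify, or the refresh token cannot be redeemed.
/// </returns>
public async Task<IActionResult> RefreshToken([FromBody] RefreshTokenRequest request)
{
    // Model binding can hand us null for an empty or unparseable body; fail closed instead of dereferencing it.
    if (request is null)
    {
        return BadRequest(new ErrorResponse { Message = "Invalid Token, cannot refresh." });
    }

    // The access token is expected to be expired at this point, so every claim read from it below is trusted
    // solely because _tokenService verified the signature here. Do not read claims from the raw request.
    ClaimsPrincipal validatedToken = _tokenService.IsTokenAuthentic(request.Token);
    if (validatedToken is null)
    {
        return BadRequest(new ErrorResponse { Message = "This token has been tampered with." });
    }

    // Looks up the stored refresh token and checks it belongs to this principal and is still redeemable.
    RefreshToken refreshToken = await _tokenService.CanTokenBeRefreshedAsync(validatedToken, request.RefreshToken);
    if (refreshToken is null)
    {
        return BadRequest(new ErrorResponse { Message = "Invalid Token, cannot refresh." });
    }

    // Tenant comes from the signed token, not from the caller, so a client cannot refresh into another organisation.
    string organisationID = ClaimHelper.GetNamedClaim(validatedToken, "OrganisationID");

    // Burning the old refresh token and issuing the new pair must succeed or fail together: a failure after the
    // old token is marked used would otherwise strand the client, and a failure before commit must not leave the
    // old token redeemable. The transaction is disposed on every path so a thrown exception cannot leak it.
    // NOTE(review): assumes BeginTransaction() returns an IDisposable with Commit()/Rollback() (IDbTransaction /
    // IDbContextTransaction shape) — confirm. Whether the redeemable check above is covered by this transaction,
    // and so whether two concurrent requests can both redeem the same refresh token, is not visible here.
    using (var transaction = _unitOfWork.RefreshTokenRepository.BeginTransaction())
    {
        try
        {
            RefreshTokenResponse refreshTokenResponse =
                await _tokenService.RefreshTokenAsync(validatedToken, refreshToken, organisationID);
            transaction.Commit();
            return Ok(new Response<RefreshTokenResponse>(refreshTokenResponse));
        }
        catch
        {
            transaction.Rollback();
            throw;
        }
    }
}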
/// <summary>
/// Reads the "OrganisationID" claim of the principal attached to the current request.
/// </summary>
/// <param name="httpContext">Request context whose <c>User</c> principal is inspected.</param>
/// <returns>
/// Whatever <c>ClaimHelper.GetNamedClaim</c> yields for "OrganisationID", or <see cref="string.Empty"/> when no
/// principal is attached. NOTE(review): what GetNamedClaim returns for a principal that lacks the claim (null or
/// empty) is not visible here — callers should treat both as "no tenant".
/// </returns>
public static string GetOrganisationID(this HttpContext httpContext)
{
    ClaimsPrincipal principal = httpContext.User;

    return principal is null
        ? string.Empty
        : ClaimHelper.GetNamedClaim(principal, "OrganisationID");
}
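/// <summary>
/// Redeems <paramref name="storedRefreshToken"/>: marks it used, persists that, then issues a new
/// access/refresh token pair for the user identified by the "ID" claim of <paramref name="validatedToken"/>.
/// </summary>
/// <param name="validatedToken">Principal whose signature has already been verified by the caller.</param>
/// <param name="storedRefreshToken">Persisted refresh token the caller has already checked as redeemable.</param>
/// <param name="organisationID">Tenant the user is looked up under (taken from the signed token by the caller).</param>
/// <returns>The user's email together with the newly issued security and refresh tokens.</returns>
/// <exception cref="InvalidOperationException">
/// The token's user cannot be resolved in the given organisation, or token generation did not yield both tokens.
/// </exception>
public async Task<RefreshTokenResponse> RefreshTokenAsync(ClaimsPrincipal validatedToken, RefreshToken storedRefreshToken, string organisationID)
{
    // Burn the old token before minting anything, so a failure later in this method cannot leave it redeemable.
    // The caller is expected to run this inside a transaction and roll back on exception.
    // NOTE(review): single use of the refresh token relies on the caller's redeemable check honouring Used and on
    // the surrounding transaction/isolation — neither is visible from here.
    storedRefreshToken.Used = true;
    _unitOfWork.RefreshTokenRepository.Update(storedRefreshToken);
    await _unitOfWork.CompleteAsync();

    string userID = ClaimHelper.GetNamedClaim(validatedToken, "ID");
    User user = await _unitOfWork.UserRepository.GetWithDetailsAsync(userID, organisationID);
    if (user is null)
    {
        // A token whose user no longer exists in this organisation (deleted, moved) must not mint new credentials;
        // fail explicitly rather than with a NullReferenceException on user.Email.
        throw new InvalidOperationException("Refresh token does not resolve to a user in this organisation.");
    }

    // Both entries are required; silently returning null tokens would hand the client an unusable response.
    Dictionary<string, string> tokens = await GetTokensAsync(user);
    if (!tokens.TryGetValue("SecurityToken", out string securityToken) ||
        !tokens.TryGetValue("RefreshToken", out string newRefreshToken))
    {
        throw new InvalidOperationException("Token generation did not produce both a security token and a refresh token.");
    }

    return new RefreshTokenResponse
    {
        Email = user.Email,
        Token = securityToken,
        RefreshToken = newRefreshToken,
    };
}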