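        /// <summary>
        /// Issues a signed access token and a signed refresh token for <paramref name="identity"/>,
        /// records the refresh token in the token store, and returns both tokens as a JSON array.
        /// </summary>
        /// <param name="identity">Identity whose claims go into the access token and whose name is stamped into the refresh token.</param>
        /// <param name="ip">Client IP address stamped into the refresh token payload and stored alongside it.</param>
        /// <returns>An <see cref="OkObjectResult"/> whose value is the serialized JSON string holding both tokens.</returns>
        private async Task<IActionResult> issueTokens(ClaimsIdentity identity, string ip)
        {
            // The username is passed as a structured argument instead of being interpolated into the
            // message template, so a caller-influenced name stays a separate field in the log record.
            _logger.LogInformation(
                "issueTokens() - Issuing new access and refresh tokens for username {Username}",
                identity.Name);

            var jwtAccess = new JwtSecurityToken(
                issuer: _jwtOptions.Issuer,
                audience: _jwtOptions.Audience,
                claims: identity.Claims,
                notBefore: _jwtOptions.NotBefore,
                expires: _jwtOptions.AccessExpiration,
                signingCredentials: _jwtOptions.SigningCredentials);

            // The refresh token carries no identity claims and no notBefore; it is identified by the
            // custom payload entries stamped below.
            // NOTE(review): it shares issuer, audience and signing credentials with the access token,
            // so a validator that checks only those three would accept a refresh token where an access
            // token is expected. Confirm the bearer validation path tells the two apart (a distinct
            // audience, key, or a required token-type claim).
            var jwtRefresh = new JwtSecurityToken(
                issuer: _jwtOptions.Issuer,
                audience: _jwtOptions.Audience,
                expires: _jwtOptions.RefreshExpiration,
                signingCredentials: _jwtOptions.SigningCredentials);

            // Server-side handle for the refresh token; the same value is written to the token store below.
            string refreshTokenGuid = Guid.NewGuid().ToString();
            string refreshTokenName = identity.Name;

            // These tokens are signed, not encrypted: the username and IP are readable by whoever holds the token.
            jwtRefresh.Payload[GUIDKEY] = refreshTokenGuid;
            jwtRefresh.Payload[NAMEKEY] = refreshTokenName;
            jwtRefresh.Payload[IPKEY]   = ip;

            var handler           = new JwtSecurityTokenHandler();
            var encodedJwtAccess  = handler.WriteToken(jwtAccess);
            var encodedJwtRefresh = handler.WriteToken(jwtRefresh);

            // Persist the refresh token record before building the response; if the store call throws,
            // the exception propagates and no token is handed to the caller.
            // NOTE(review): no request cancellation token is available in this method, so the store
            // call cannot be cancelled when the client disconnects.
            await _tokenStore.CreateAsync(
                new ApplicationJwtRefreshToken { Guid = refreshTokenGuid, Name = refreshTokenName, IP = ip },
                CancellationToken.None);

            // Response shape: a two-element array, access token first, refresh token second.
            // NOTE(review): expires_in comes from the *ValidFor options while the tokens' own expiry
            // comes from the *Expiration options; this assumes the two agree.
            var jwts = new List<object>
            {
                new
                {
                    access_token = encodedJwtAccess,
                    expires_in   = (int)_jwtOptions.AccessValidFor.TotalSeconds
                },
                new
                {
                    refresh_token = encodedJwtRefresh,
                    expires_in    = (int)_jwtOptions.RefreshValidFor.TotalSeconds
                }
            };

            var json = JsonConvert.SerializeObject(jwts, _serializerSettings);

            // The method is already async, so the result is returned directly instead of through
            // an awaited Task.FromResult.
            return new OkObjectResult(json);
        }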