/// <summary>
/// Attempts to recover from a 401 by redeeming the stored refresh token of <c>_user</c>
/// for a new access/refresh token pair and saving the result through <c>_userManager</c>.
/// </summary>
/// <remarks>
/// When the token endpoint yields no response, both stored tokens are overwritten with
/// <c>null</c> and that state is persisted, so the user has to authorize again.
/// NOTE(review): a transient failure of the token call has the same effect as a rejected
/// refresh token; confirm that is intended.
/// NOTE(review): the early-exit path below clears the access token in memory only
/// (no UpdateAsync call); confirm whether the cleared value should be persisted too.
/// </remarks>
private async Task Handle401Async()
{
    if (_user == null)
    {
        return;
    }

    // Without a refresh token nothing can be redeemed: drop the stale access token and stop.
    if (string.IsNullOrEmpty(_user.RefreshToken))
    {
        _user.AccessToken = string.Empty;
        return;
    }

    var refreshRequest = new Oauth2Request
    {
        ClientId = _clientId,
        ClientSecret = _clientSecret,
        RefreshToken = _user.RefreshToken,
        GrantType = "refresh_token"
    };

    var refreshResult = await Post<Oauth2Request, Oauth2Response>(refreshRequest, "oauth2", "token");
    var tokens = refreshResult?.Response;

    // Both values are replaced together; either may end up null when the refresh failed.
    _user.AccessToken = tokens?.AccessToken;
    _user.RefreshToken = tokens?.RefreshToken;

    await _userManager.UpdateAsync(_user);
}
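/// <summary>
/// Gets a new access token by redeeming the refresh token stored for the currently logged-in user.
/// </summary>
/// <returns>
/// 401 when no principal is present or no stored user can be resolved for it; otherwise a JSON
/// object with an <c>AccessToken</c> property, which is <c>null</c> when the token call produced
/// no response.
/// </returns>
/// <remarks>
/// NOTE(review): the access token is handed to the browser in the JSON body; confirm this
/// response is never cached or logged.
/// </remarks>
public async Task<IActionResult> OnGetRefreshAccessToken()
{
    if (User == null)
    {
        return Unauthorized();
    }

    var user = await _userManager.GetUserAsync(User);
    if (user == null)
    {
        // Presumably an ASP.NET Identity UserManager, whose GetUserAsync returns null when the
        // principal does not map to a stored user (e.g. an anonymous request). Reject here
        // instead of dereferencing user.RefreshToken on a null reference.
        return Unauthorized();
    }

    var request = new Oauth2Request
    {
        ClientId = _clientId,
        ClientSecret = _clientSecret,
        RefreshToken = user.RefreshToken,
        GrantType = "refresh_token"
    };

    var result = await Post<Oauth2Request, Oauth2Response>(request, "oauth2", "token");

    if (result?.Response != null)
    {
        // The refresh token is valid for one request only, so the rotated pair must be stored
        // right away or the next refresh would present an already-used token.
        await UpdateUserTokensAsync(user, result.Response.AccessToken, result.Response.RefreshToken);
    }

    return new JsonResult(new { AccessToken = result?.Response?.AccessToken });
}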
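// When an account has been created or the user has authorized you to access their account, a JS event
// with key 'client.authenticated' is triggered. Register a listener for it and handle the
// authorizationCode it provides: exchange it for an AccessToken and RefreshToken if you want to access
// the user's account at a later time. See site.js for an example.
//
// The code is exchanged server-side so that ClientSecret never has to be exposed to the browser.
//
// NOTE(review): this handler stores tokens on the signed-in user's record based on a caller-supplied
// authorization code. If this is a Razor Pages GET handler, antiforgery validation does not apply to it
// by default; confirm the request is bound to the user's session (e.g. an OAuth state value or an
// antiforgery token) so that a code issued for a different account cannot be attached to this user.
// NOTE(review): the access token is returned in the JSON body even when nothing is persisted (no
// principal or no stored user); confirm that is intended and that the response is never cached or logged.
public async Task<IActionResult> OnGetClientAuthenticated(string authorizationCode)
{
    var request = new Oauth2Request
    {
        ClientId = _clientId,
        ClientSecret = _clientSecret,
        Code = authorizationCode,
        GrantType = "authorization_code"
    };

    var result = await Post<Oauth2Request, Oauth2Response>(request, "oauth2", "token");

    if (result?.Response != null && User != null)
    {
        var user = await _userManager.GetUserAsync(User);

        // A non-null principal does not guarantee a stored user record (presumably GetUserAsync
        // returns null for an anonymous principal), so only persist when one was resolved.
        if (user != null)
        {
            await UpdateUserTokensAsync(user, result.Response.AccessToken, result.Response.RefreshToken);
        }
    }

    return new JsonResult(new { AccessToken = result?.Response?.AccessToken });
}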