public async Task LoadNewToken(RefreshTokenResponse response) { IdentityToken = new IdentityToken(response.IdentityToken); await _tokenRepo.SaveIdentityToken(response.IdentityToken); await _tokenRepo.SaveRefreshToken(response.RefreshToken); }
public void Refresh_SUCCESS() { //Arrange var refreshTokenRequest = new RefreshTokenRequest { RefreshToken = "token" }; var targetTokenResponse = new RefreshTokenResponse() { AccessToken = "access", RefreshToken = "refresh" }; mockDbService.Setup(service => service.RefreshToken(refreshTokenRequest)) .Returns(targetTokenResponse); //Act var actionResult = clientsController.RefreshToken(refreshTokenRequest); //Assert var createdObjectResult = actionResult as ObjectResult; Assert.NotNull(createdObjectResult); Assert.Equal(201, createdObjectResult.StatusCode); var resultTokenResponse = createdObjectResult.Value as RefreshTokenResponse; Assert.Equal(targetTokenResponse, resultTokenResponse); }
/// <summary> /// Refresh existing Access Token with the Refresh Token. /// </summary> /// <param name="refreshToken">Refresh Token used to get a new Access Token.</param> /// <returns></returns> public async Task Authorize(string refreshToken) { using (HttpContent content = new FormUrlEncodedContent(new List <KeyValuePair <string, string> > { new KeyValuePair <string, string>("grant_type", "refresh_token"), new KeyValuePair <string, string>("client_id", clientId), new KeyValuePair <string, string>("client_secret", secretId), new KeyValuePair <string, string>("refresh_token", refreshToken) })) { HttpResponseMessage result = await client.PostAsync("oauth/refresh", content).ConfigureAwait(false); if (result.IsSuccessStatusCode) { string response = await result.Content.ReadAsStringAsync().ConfigureAwait(false); RefreshTokenResponse tokenObj = JsonConvert.DeserializeObject <RefreshTokenResponse>(response); this.accessToken = tokenObj.access_token; this.accessTokenExpires = tokenObj.expires_in; client.DefaultRequestHeaders.Remove("Access-Token"); client.DefaultRequestHeaders.Add("Access-Token", accessToken); } else { string response = await result.Content.ReadAsStringAsync().ConfigureAwait(false); HandleError(result.StatusCode, response, true); } } }
/// <inheritdoc /> public HttpResponseMessage Authorize(string refreshToken) { using (HttpContent content = new FormUrlEncodedContent(new List <KeyValuePair <string, string> > { new KeyValuePair <string, string>("grant_type", "refresh_token"), new KeyValuePair <string, string>("client_id", _clientId), new KeyValuePair <string, string>("client_secret", _secretId), new KeyValuePair <string, string>("refresh_token", refreshToken) })) { HttpResponseMessage result = _client.PostAsync("oauth/refresh", content).Result; if (result.IsSuccessStatusCode) { string response = result.Content.ReadAsStringAsync().Result; RefreshTokenResponse tokenObj = JsonConvert.DeserializeObject <RefreshTokenResponse>(response); AccessToken = tokenObj.access_token; AccessTokenExpires = tokenObj.expires_in; //_client.DefaultRequestHeaders.Remove("Authorization"); //_client.DefaultRequestHeaders.Add("Authorization", $"Bearer {AccessToken}"); _client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", AccessToken); } else { string response = result.Content.ReadAsStringAsync().Result; HandleError(result.StatusCode, response, true); } return(result); } }
public static void Refresh() { HttpClient httpClient = new HttpClient(); Request request = new Request(HttpClient.Method.GET, Route.REFRESH_TOKEN); httpClient.Request( request, (statusCode, response) => { //SetToken RefreshTokenResponse refreshToken = Deserialize(response); Token.SetToken(refreshToken.token); //Send Delayed Request FullRequest fullRequest = State.PendingFullRequestWhileRefreshingToken; httpClient.Request( fullRequest.request, fullRequest.callback, fullRequest.fallback ); }, (statusCode, error) => { } ); }
private async Task <LoginResponse> GenerateJSONWebToken(AppUser userInfo) { var response = new LoginResponse(); var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["Jwt:Key"])); var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256); var userRole = (await _userManager.GetRolesAsync(userInfo)).FirstOrDefault(); var claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.Sub, userInfo.Id.ToString()), new Claim(CustomClaimName.UserName, userInfo.UserName), new Claim(CustomClaimName.Email, userInfo.Email), new Claim(CustomClaimName.UserId, userInfo.Id.ToString()), new Claim(ClaimTypes.Role, userRole) }; var time = _configuration.GetValue <int>("Jwt:AccessTokenLifeTime"); var token = new JwtSecurityToken(_configuration["Jwt:Issuer"], _configuration["Jwt:Issuer"], claims, expires: DateTime.Now.AddMinutes(time), signingCredentials: credentials); var refreshToken = new RefreshTokenResponse { UserId = userInfo.Id, Id = Guid.NewGuid().ToString() }; var resData = _taposRsa.EncryptData(JsonConvert.SerializeObject(refreshToken), "v1"); response.Token = new JwtSecurityTokenHandler().WriteToken(token); response.Expire = time * 60; response.RefreshToken = resData; //await StoreTokenInformation(userInfo.Id, response.Token, response.RefreshToken); return(response); }
public async Task <RefreshTokenResponse> RefreshTokenAsync(RefreshTokenRequest request) { var response = new RefreshTokenResponse(); if (request.refreshToken.IsGuid()) { return(response.ReturnWithCode(AuthenticationMessageHelper.Code.InvalidRefresh.Value(), AuthenticationMessageHelper.ResponseMessages)); } var token = await _userTokenStorageService.FindTokenAsync(request.refreshToken); if (token == null) { return(response.ReturnWithCode(AuthenticationMessageHelper.Code.TokenUnauthorizedForRefreshToken.Value(), AuthenticationMessageHelper.ResponseMessages)); } var result = await _userTokenFactoryService.CreateJwtTokensAsync(token.User); await _userTokenStorageService.AddUserTokenStorageAsync(token.User, result.RefreshTokenSerial, result.AccessToken, _userTokenFactoryService.GetRefreshTokenSerial(request.refreshToken)); await _unitOfWork.SaveChangesAsync(); _antiForgeryCookieService.RegenerateAntiForgeryCookies(result.Claims); response.refresh_token = result.RefreshToken; response.access_token = result.AccessToken; return(response.ReturnWithCode(AuthenticationMessageHelper.Code.RefreshTokenSuccess.Value(), AuthenticationMessageHelper.ResponseMessages)); }
public async Task <IActionResult> RefreshToken([FromBody] RefreshTokenRequest request) { ClaimsPrincipal validatedToken = _tokenService.IsTokenAuthentic(request.Token); if (validatedToken == null) { return(BadRequest(new ErrorResponse { Message = "This token has been tampered with." })); } RefreshToken refreshToken = await _tokenService.CanTokenBeRefreshedAsync(validatedToken, request.RefreshToken); if (refreshToken == null) { return(BadRequest(new ErrorResponse { Message = "Invalid Token, cannot refresh." })); } string organisationID = ClaimHelper.GetNamedClaim(validatedToken, "OrganisationID"); var transaction = _unitOfWork.RefreshTokenRepository.BeginTransaction(); RefreshTokenResponse refreshTokenResponse = await _tokenService.RefreshTokenAsync(validatedToken, refreshToken, organisationID); transaction.Commit(); return(Ok(new Response <RefreshTokenResponse>(refreshTokenResponse))); }
public async Task <IActionResult> Refresh([FromBody] RefreshTokenRequest request) { var refreshingResult = await _mediator.Send(request); var result = new RefreshTokenResponse { Success = refreshingResult.Success, Errors = refreshingResult.Errors, }; if (!refreshingResult.Success) { return(Ok(result)); } var tokens = await _mediator.Send(new GenerateTokenRequest { UserId = refreshingResult.UserId, Platform = request.Platform, }); result.Token = tokens.Token; return(Ok(result)); }
/// <summary> /// Unmarshaller the response from the service to the response class. /// </summary> /// <param name="context"></param> /// <returns></returns> public override AmazonWebServiceResponse Unmarshall(JsonUnmarshallerContext context) { RefreshTokenResponse response = new RefreshTokenResponse(); context.Read(); int targetDepth = context.CurrentDepth; while (context.ReadAtDepth(targetDepth)) { if (context.TestExpression("accessToken", targetDepth)) { var unmarshaller = StringUnmarshaller.Instance; response.AccessToken = unmarshaller.Unmarshall(context); continue; } if (context.TestExpression("expiresIn", targetDepth)) { var unmarshaller = IntUnmarshaller.Instance; response.ExpiresIn = unmarshaller.Unmarshall(context); continue; } } return(response); }
public async Task <RefreshTokenResponse> RefreshToken(RefreshTokenRequest request) { var currentUserPrincipal = _tokenService.GetPrincipal(request.Token); var emailClaim = currentUserPrincipal.Claims.FirstOrDefault(x => x.Type == ClaimTypes.Email); var tokenEntity = _dbContext.RefreshTokens .Include(x => x.User) .FirstOrDefault(x => x.Token == request.RefreshToken); if (tokenEntity == null || emailClaim == null || emailClaim.Value != tokenEntity.User.Email) { throw new Exception("Refresh token is invalid."); } var appSettings = _appSettings.Value; var refreshToken = _tokenService.GenerateRefreshToken(); var token = _tokenService.GenerateToken(appSettings.JwtSettings.Secret, CreateClaims(tokenEntity.User), appSettings.JwtSettings.Expiration); var response = new RefreshTokenResponse() { Username = tokenEntity.User.Email, RefreshToken = refreshToken, Token = token.Token, Expiration = token.Expiration }; tokenEntity.Token = refreshToken; _dbContext.RefreshTokens.Update(tokenEntity); await _dbContext.SaveChangesAsync(); return(response); }
public static async Task ConnectApiAsync() { try { LoggingManager.Log.Info("Connecting"); _ApiSettings = new ApiSettings { ClientId = SettingsManager.Configuration.TwitchClientId, AccessToken = SettingsManager.Configuration.TwitchToken }; _TwitchApi = new TwitchAPI(settings: _ApiSettings); LoggingManager.Log.Info("Connected"); bool wasRefreshed = false; RefreshTokenResponse refresh = _TwitchApi.ThirdParty.AuthorizationFlow.RefreshToken(SettingsManager.Configuration.TwitchRefresh); if (!string.IsNullOrEmpty(refresh.Refresh)) { SettingsManager.Configuration.TwitchRefresh = refresh.Refresh; wasRefreshed = true; } if (!string.IsNullOrEmpty(refresh.Token)) { SettingsManager.Configuration.TwitchToken = refresh.Token; wasRefreshed = true; } if (wasRefreshed) { SettingsManager.Save(); } //_TwitchApi.ThirdParty.AuthorizationFlow.OnUserAuthorizationDetected += (s, a) => { // Console.WriteLine($" id: {a.Id}"); // Console.WriteLine($"username: {a.Username}"); // Console.WriteLine($" token: {a.Token}"); // Console.WriteLine($" refresh: {a.Refresh}"); // Console.WriteLine($" scopes: {a.Scopes}"); //}; #if DEBUG return; #endif // Get user id's for streams that do not have it set if (await CompleteTwitchStreamSettingsAsync()) { StartMonitor(); } else { LoggingManager.Log.Error("Failed to complete Twitch stream settings, skipping stream monitoring."); } } catch (Exception ex) { LoggingManager.Log.Error(ex); } }
public async Task Invoke() { _logger.LogInformation($"{nameof(RefreshAccessTokenJob)} started - {{Guid}}", _guid); RefreshTokenResponse refreshTokenResponse = await _tooGoodToGoService.RefreshAccessTokenAsync(_context.RefreshToken); _context.AccessToken = refreshTokenResponse.AccessToken; _context.RefreshToken = refreshTokenResponse.RefreshToken; _logger.LogInformation($"{nameof(RefreshAccessTokenJob)} ended - {{Guid}}", _guid); }
public async Task <RefreshTokenResponse> SendTokenDataAsync(RefreshTokenRequest tokenRequest) { RestClient client = WebServiceContext.GetUrl("/api/v2/login"); RestRequest request = WebServiceContext.GetRequestBody("post"); request.AddParameter("application/json", JsonConvert.SerializeObject(tokenRequest), ParameterType.RequestBody); IRestResponse response = await client.ExecuteTaskAsync(request); RefreshTokenResponse refreshTokenResponse = JsonConvert.DeserializeObject <RefreshTokenResponse>(response.Content); return(refreshTokenResponse); }
/// <summary> /// Refreshed the internally saved authorization information (if necessary) and uses the refreshed authorization for /// upcoming requests to the GROHE Api. /// </summary> /// <returns>Returns the new refreshToken, which is also now saved internally in the service</returns> public string refreshAuthorization() { if (refreshTokenResponse == null) { return(null); } RefreshTokenAction refreshTokenAction = apiClient.getAction <RefreshTokenAction>(); this.refreshTokenResponse = refreshTokenAction.refresh(refreshTokenResponse.refreshToken); apiClient.setToken(this.refreshTokenResponse.accessToken); return(refreshTokenResponse.refreshToken); }
public int RefreshToken() { var client = new RestClient(ServerAddress.Address + "/api/profile/refreshlogintoken"); var request = new RestRequest(Method.POST); request.AddHeader("Authorization", "Bearer " + UserInfo.Token); IRestResponse response = client.Execute(request); Console.WriteLine(response.Content); RefreshTokenResponse res = JsonConvert.DeserializeObject <RefreshTokenResponse>(response.Content); return(res.status); }
private static RefreshTokenResponse Deserialize(object response) { var responseJson = (string)response; var data = fsJsonParser.Parse(responseJson); object deserialized = null; serializer.TryDeserialize(data, typeof(RefreshTokenResponse), ref deserialized); RefreshTokenResponse serializedData = deserialized as RefreshTokenResponse; return(serializedData); }
public async Task <RefreshTokenResponse> RefreshAccessTokenAsync(string refreshToken) { var request = new HttpRequestMessage(HttpMethod.Post, $"{_apiOptions.BaseUrl}{_apiOptions.RefreshTokenEndpoint}"); var refreshTokenRequest = new RefreshTokenRequest { RefreshToken = refreshToken }; SerializeHttpRequestContentAsJson(request, refreshTokenRequest); RefreshTokenResponse refreshTokenResponse = await ExecuteAndThrowIfNotSuccessfulAsync <RefreshTokenResponse>(request); return(refreshTokenResponse); }
public PetWhizzResponse RefreshToken(RefreshTokenRequest RefreshTokenRequest) { PetWhizzResponse _oResponse; try { RefreshTokenResponse RefreshTokenResponse = userServices.RefreshToken(RefreshTokenRequest); _oResponse = Utils.CreateSuccessResponse(RefreshTokenResponse); } catch (Exception ex) { _oResponse = Utils.CreateErrorResponse(ex); } return(_oResponse); }
public async Task <RefreshTokenResponse> RefreshToken(RefreshTokenRequest model) { var userId = _authHelper.GetUserId(); User user = await _userManager.FindByIdAsync(userId); var role = (await _userManager.GetRolesAsync(user)).FirstOrDefault(); var authToken = _jwtHelper.CreateToken(user, role, 1); var refreshToken = _jwtHelper.CreateToken(user, role, 2); RefreshTokenResponse response = _mapper.Map <User, RefreshTokenResponse>(user); response.RefreshToken = refreshToken; response.AuthToken = authToken; response.Role = (Role)Enum.Parse(typeof(Role), role); return(response); }
public async Task <IActionResult> Refresh([FromBody] RefreshTokenResponse model) { var authority = $"{_configuration["Authority"]}/connect/token"; var clientSecret = _configuration["ClientSecret"]; var httpResponseMessage = await _httpClientService.Post(authority, new FormUrlEncodedContent(new Dictionary <string, string> { { "grant_type", "refresh_token" }, { "refresh_token", model.RefreshToken }, { "scope", "lastseenapi" }, { "client_id", "lastseen" }, { "client_secret", clientSecret }, })); return(StatusCode((int)httpResponseMessage.StatusCode, await httpResponseMessage.Content.ReadAsStringAsync())); }
private void AuthorizationFlow_OnUserAuthorizationDetected(object sender, TwitchLib.Api.Events.OnUserAuthorizationDetectedArgs e) { MainForm.StaticPostToDebug("Authorization detected! Below are the details:"); MainForm.StaticPostToDebug($"Flow Id: {e.Id}"); MainForm.StaticPostToDebug($"Username: {e.Username}"); MainForm.StaticPostToDebug($"Token: {e.Token}"); MainForm.StaticPostToDebug($"Refresh: {e.Refresh}"); MainForm.StaticPostToDebug($"Scopes: {string.Join(", ", e.Scopes)}"); Console.WriteLine(); MainForm.StaticPostToDebug("Verifying refresh functionality..."); RefreshTokenResponse resp = API.ThirdParty.AuthorizationFlow.RefreshToken(e.Refresh); MainForm.StaticPostToDebug($"Refreshed token: {resp.Token}"); MainForm.StaticPostToDebug($"Refreshed refresh token: {resp.Refresh}"); }
public static RefreshTokenResponse Unmarshall(UnmarshallerContext context) { RefreshTokenResponse refreshTokenResponse = new RefreshTokenResponse(); refreshTokenResponse.HttpResponse = context.HttpResponse; refreshTokenResponse.RequestId = context.StringValue("RefreshToken.RequestId"); refreshTokenResponse.Success = context.BooleanValue("RefreshToken.Success"); refreshTokenResponse.Code = context.StringValue("RefreshToken.Code"); refreshTokenResponse.Message = context.StringValue("RefreshToken.Message"); refreshTokenResponse.HttpStatusCode = context.IntegerValue("RefreshToken.HttpStatusCode"); RefreshTokenResponse.RefreshToken_Token token = new RefreshTokenResponse.RefreshToken_Token(); token.Signature = context.StringValue("RefreshToken.Token.Signature"); token.SignData = context.StringValue("RefreshToken.Token.SignData"); refreshTokenResponse.Token = token; return(refreshTokenResponse); }
internal RefreshTokenResponse RefreshToken(RefreshTokenRequest refreshTokenRequest) { logger.Debug("Recived RefreshToken request"); RefreshTokenResponse RefreshTokenResponse; try { if (String.IsNullOrEmpty(refreshTokenRequest.token)) { logger.Error("Refresh token validation failed"); throw new CustomException("Refresh token validation failed.Token is null", (int)ErrorCode.VALIDATIONFAILED); } refreshTokenRequest.token = Decryptor.Decrypt(refreshTokenRequest.token).Split('|')[1]; String NewToken = Guid.NewGuid().ToString(); using (var ctx = new PetWhizzEntities()) { userToken UserToken = ctx.userTokens.Where(a => a.token == refreshTokenRequest.token && a.tokenType == "AUTHTOKEN").FirstOrDefault(); if (UserToken == null) { logger.Error("token is invalid"); throw new CustomException(" token is invalid", (int)ErrorCode.UNAUTHORIZED); } //update existing token ctx.userTokens.Attach(UserToken); UserToken.generatedTime = DateTime.Now; UserToken.token = NewToken; UserToken.expiryTime = DateTime.Now.AddSeconds(TokenExpiryTime); ctx.SaveChanges(); RefreshTokenResponse = new RefreshTokenResponse() { token = Encryptor.Encrypt(DateTime.Now.ToString("M/d/yyyy h:mm:ss tt") + "|" + NewToken), }; } } catch (CustomException) { throw; } catch (Exception ex) { logger.Error(MethodBase.GetCurrentMethod().Name + ": exception: " + ex.Message + ", " + ex.InnerException); throw new CustomException("SystemError", ex, (int)ErrorCode.PROCEESINGERROR); } return(RefreshTokenResponse); }
public RefreshTokenResponse RefreshToken(RefreshTokenRequest request) { using (var con = new SqlConnection("Data Source=db-mssql;Initial Catalog=s16985;Integrated Security=True")) using (var com = new SqlCommand()) { var response = new RefreshTokenResponse(); if (con.State == ConnectionState.Closed) { con.Open(); } com.Connection = con; try { com.CommandText = "Select * from Student where RefreshToken = @RefreshToken"; com.Parameters.AddWithValue("RefreshToken", request.Token); var dr = com.ExecuteReader(); if (dr.Read()) { response.IndexNumber = dr["IndexNumber"].ToString(); response.Message = "Poprawnie zapisano refresh token"; return(response); } else { dr.Close(); response.Message = "Błąd! Podany Refresh Token nie istnieje. Zaloguj się ponownie"; return(response); } } catch (SqlException e) { response.Message = e.Message; return(response); } } }
private async Task <HttpResponseMessage> RefreshIdentityToken(HttpRequestMessage request, CancellationToken cancellationToken) { if (_refreshTask == null) { Console.WriteLine("************** Refreshing token"); _refreshTask = GetNewTokenAsync(cancellationToken); RefreshTokenResponse response = await _refreshTask; await _tokenContainer.LoadNewToken(response); request.Headers.UpdateBearerToken(response.IdentityToken); return(await base.SendAsync(request, cancellationToken)); } else { Console.WriteLine("************** Waiting for token refresh"); var response = await _refreshTask; request.Headers.UpdateBearerToken(response.IdentityToken); return(await base.SendAsync(request, cancellationToken)); } }
/// <summary> /// Gets the refresh token. /// </summary> /// <returns>RefreshTokenResponse.</returns> public RefreshTokenResponse GetRefreshToken() { _log?.LogInformation("XeroClient: GetRefreshToken"); RefreshTokenResponse rtn = new RefreshTokenResponse(); var client = new RestClient(XeroUrl.IdentityServerRefreshToken); client.Timeout = -1; var request = new RestRequest(Method.POST); request.AddHeader("grant_type", "refresh_token"); request.AddHeader("Content-Type", "application/x-www-form-urlencoded"); request.AddHeader("Authorization", "Basic " + (_settings.ClientId + ":" + _settings.ClientSecret).Base64Encode()); request.AddParameter("grant_type", "refresh_token"); request.AddParameter("refresh_token", _settings.RefreshToken); _log?.LogInformation("XeroClient: GetRefreshToken: call to refresh the access token"); var response = client.Execute <RefreshTokenResponse>(request); _log?.LogInformation("XeroClient: GetRefreshToken: Response StatusCode " + response.StatusCode); rtn.HttpStatusCode = response.StatusCode; rtn.Status = (int)response.StatusCode == 200 ? PSC.Common.Enums.ResponseStatus.Success : PSC.Common.Enums.ResponseStatus.Failed; if (response.StatusCode == System.Net.HttpStatusCode.OK) { var data = response.Data; rtn.IdToken = data?.IdToken; rtn.AccessToken = data?.AccessToken; rtn.ExpiresIn = data.ExpiresIn; rtn.LastUpdate = DateTime.Now; rtn.TokenType = data?.TokenType; rtn.RefreshToken = data?.RefreshToken; rtn.Scope = data?.Scope; } return(rtn); }
public RefreshTokenResponse RefreshToken(RefreshTokenRequest _request, string token) { RefreshTokenResponse response = new RefreshTokenResponse(); CheckValidateTokenDTO validateDto = new CheckValidateTokenDTO { Audience = configuration["Audience"], Issuer = configuration["Issuer"], PrivateKey = configuration["PrivateKey"], IsValidateExpiry = false, Token = token }; var validatedToken = JWTHelper.CheckValidToken(validateDto); if (validatedToken.IsValid) { var tblRefreshToken = (from rt in db_Evoucher.TblRefreshToken where rt.RefreshToken == _request.RefreshToken && rt.UserId == validatedToken.UserID && rt.ExpiryDate > DateTime.Now select rt).FirstOrDefault(); if (tblRefreshToken != null && tblRefreshToken.RefreshToken != "") { GetGenerateTokenDTO getGenerateToken = new GetGenerateTokenDTO { Audience = configuration["Audience"], Issuer = configuration["Issuer"], PrivateKey = configuration["PrivateKey"], TokenExpiryMinute = Int32.Parse(configuration["TokenExpiryMinute"]), RefreshTokenExpiryMinute = Int32.Parse(configuration["RefreshTokenExpiryMinute"]), UserId = validatedToken.UserID, UserName = validatedToken.UserName }; var generatedToken = JWTHelper.GenerateToken(getGenerateToken); if (generatedToken != null && string.IsNullOrEmpty(generatedToken.ErrorStatus)) { response.AccessToken = generatedToken.AccessToken; response.AccessTokenExpireMinutes = generatedToken.TokenExpiresMinute; response.RefreshToken = generatedToken.RefreshToken; response.RefreshTokenExpireMinutes = Int32.Parse(configuration["RefreshTokenExpiryMinute"]); SaveRefreshToken(new SaveRefreshTokenDTO { ExpiryMinute = generatedToken.RefreshTokenExpiresMinute, RefreshToken = generatedToken.RefreshToken, UserId = generatedToken.UserId }); DeleteRefreshToken(_request.RefreshToken); } else { response.StatusCode = 500; response.ErrorType = "Token-Generation Fail."; response.ErrorMessage = "Unable to generate Access Token."; } DeleteExpiryRefreshToken(); db_Evoucher.SaveChanges(); } else { response.StatusCode = 401; response.ErrorType = "Unauthorized Request"; response.ErrorMessage = "Invalid or Expired Refresh Token."; } } else { response.StatusCode = 401; response.ErrorType = "Unauthorized Request"; response.ErrorMessage = "Invalid or Expired Access Token."; } return(response); }
public async Task <RefreshTokenResponse> RefreshTokenAsyc(string token, string refreshToken) { RefreshTokenResponse refreshTokenResult = null; var validatedToken = GetPrincipalFromToken(token); if (validatedToken == null) { //token is invalid return(new RefreshTokenResponse { Errors = new[] { "Invalid Token " } }); } _tokenValidationParameters.ValidateLifetime = true; var exptime = validatedToken.Claims.Single(x => x.Type == JwtRegisteredClaimNames.Exp).Value; var expiryDateUnix = long.Parse(exptime); var expiryDateTimeUtc = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc) .AddSeconds(expiryDateUnix); if (expiryDateTimeUtc > DateTime.UtcNow) { return(new RefreshTokenResponse { Errors = new[] { "This token is not yet expired" } }); } //get id from the jwt token var jti = validatedToken.Claims.Single(x => x.Type == JwtRegisteredClaimNames.Jti).Value; JwtRefreshToken storedRefreshToken = null; try { storedRefreshToken = appIdentityDbContext.JwtRefreshTokens.FirstOrDefault(r => r.RefreshToken == refreshToken); if (storedRefreshToken == null) { return(new RefreshTokenResponse { Errors = new[] { "This refresh token does not exist" } }); } } catch (Exception ex) { var msg = ex.Message; throw ex; } if (DateTime.UtcNow > storedRefreshToken.ExpiryDate) { return(new RefreshTokenResponse { Errors = new[] { "This refresh token has expired" } }); } if (storedRefreshToken.Invalidated) { return(new RefreshTokenResponse { Errors = new[] { "This refresh token has been invalidated" } }); } if (storedRefreshToken.Used) { return(new RefreshTokenResponse { Errors = new[] { "This refresh token has been used" } }); } if (storedRefreshToken.JwtId != jti) { return(new RefreshTokenResponse { Errors = new[] { "This refresh token does not match this JWT" } }); } storedRefreshToken.Used = true; appIdentityDbContext.JwtRefreshTokens.Update(storedRefreshToken); await appIdentityDbContext.SaveChangesAsync(); //get the user id from the token var userId = validatedToken.Claims.Single(x => x.Type == "id").Value; var user = await userManager.FindByIdAsync(userId); var generateRefreshToken = await CreateJwtTokenAsync(user); refreshTokenResult = new RefreshTokenResponse { Token = generateRefreshToken.AccessToken, RefreshToken = generateRefreshToken.RefreshToken, Success = true, AccessTokenExpiration = generateRefreshToken.ExpirationDateTime, IssuedDate = IssuedDate }; return(refreshTokenResult); }
public RefreshTokenResponse RefreshToken([FromBody] RefreshTokenRequest Request) { RefreshTokenResponse response = new RefreshTokenResponse(); int jwtTimeMinute = JWTModel._jwtTimeMinute; GetUserRefreshTokenResponse refreshToken = GetRefreshToken(Request.RefreshToken); if (refreshToken == null) { response.IsSucceed = false; response.Message = "Refresh Token bulunamadı!"; response.ResultCode = (int)HttpStatusCode.NotFound; return(response); } if (!refreshToken.UserRefreshToken.IsActive) { response.IsSucceed = false; response.Message = "Refresh Token kullanım dışı!"; response.ResultCode = (int)HttpStatusCode.NotFound; return(response); } GetUserRequest request = new GetUserRequest { Id = refreshToken.UserRefreshToken.UserId }; UserViewModel user = _userService.Get(request).User; // yeni access token ve refresh token uretilir TokenModel tokenModel = new TokenModel() { TenantId = user.Company.Tenant.TenantId, CompanyId = user.CompanyId, UserId = user.Id, UserTypeId = user.UserTypeId, Username = user.Username, Email = user.Email, FullName = user.FullName }; Tuple <string, string> token = JwtManager.CreateToken(tokenModel, jwtTimeMinute); response.Token = token.Item1; // eski refresh token pasife alinir BaseResponse resultUpdate = RevokeTokenRefresh(refreshToken.UserRefreshToken.Id); if (resultUpdate == null || !resultUpdate.IsSucceed) { response.IsSucceed = false; response.Message = "Refresh Token pasife alınamadı!"; response.ResultCode = (int)HttpStatusCode.NotFound; return(response); } // yeni uretilen refresh token db e yazilir string newRefreshToken = token.Item2; //response.RefreshToken = newRefreshToken; BaseResponse resultInsert = InsertTokenRefresh(newRefreshToken, refreshToken.UserRefreshToken.UserId); if (resultInsert == null || !resultInsert.IsSucceed) { response.IsSucceed = false; response.Message = "Refresh Token eklenemedi!"; response.ResultCode = (int)HttpStatusCode.NotFound; return(response); } return(response); }