private async Task <AuthenticationTicket> DeserializeRefreshTokenAsync(string token, OpenIdConnectMessage request)
{
var notification = new DeserializeRefreshTokenContext(Context, Options, request, token)
{
DataFormat = Options.RefreshTokenFormat
};
await Options.Provider.DeserializeRefreshToken(notification);
// Directly return the authentication ticket if one
// has been provided by DeserializeRefreshToken.
if (notification.AuthenticationTicket != null)
{
return(notification.AuthenticationTicket);
}
var ticket = notification.DataFormat?.Unprotect(token);
if (ticket == null)
{
return(null);
}
// Ensure the received ticket is a refresh token.
if (!ticket.IsRefreshToken())
{
Logger.LogVerbose("The received token was not a refresh token: {Token}.", token);
return(null);
}
return(ticket);
}
private async Task <AuthenticationTicket> DeserializeRefreshTokenAsync(string token, OpenIdConnectRequest request)
{
var notification = new DeserializeRefreshTokenContext(Context, Options, request, token)
{
DataFormat = Options.RefreshTokenFormat
};
await Options.Provider.DeserializeRefreshToken(notification);
if (notification.HandledResponse || notification.Ticket != null)
{
notification.Ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken);
return(notification.Ticket);
}
else if (notification.Skipped)
{
return(null);
}
if (notification.DataFormat == null)
{
throw new InvalidOperationException("A data formatter must be provided.");
}
var ticket = notification.DataFormat.Unprotect(token);
if (ticket == null)
{
Logger.LogTrace("The received token was invalid or malformed: {Token}.", token);
return(null);
}
// Note: since the data formatter relies on a data protector using different "purposes" strings
// per token type, the ticket returned by Unprotect() is guaranteed to be a refresh token.
ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken);
Logger.LogTrace("The refresh token '{Token}' was successfully validated using " +
"the specified token data format: {Claims} ; {Properties}.",
token, ticket.Principal.Claims, ticket.Properties.Items);
return(ticket);
}
private async Task <AuthenticationTicket> DeserializeRefreshTokenAsync(string token, OpenIdConnectRequest request)
{
var notification = new DeserializeRefreshTokenContext(Context, Options, request, token)
{
DataFormat = Options.RefreshTokenFormat
};
await Options.Provider.DeserializeRefreshToken(notification);
if (notification.HandledResponse || notification.Ticket != null)
{
notification.Ticket.SetUsage(OpenIdConnectConstants.Usages.RefreshToken);
return(notification.Ticket);
}
else if (notification.Skipped)
{
return(null);
}
var ticket = notification.DataFormat?.Unprotect(token);
if (ticket == null)
{
return(null);
}
// Ensure the received ticket is a refresh token.
if (!ticket.IsRefreshToken())
{
Logger.LogDebug("The received token was not a refresh token: {Token}.", token);
return(null);
}
return(ticket);
}
private async Task <AuthenticationTicket> DeserializeRefreshTokenAsync(string token, OpenIdConnectMessage request)
{
try {
var notification = new DeserializeRefreshTokenContext(Context, Options, request, token)
{
DataFormat = Options.RefreshTokenFormat
};
// Sets the default deserializer used to resolve the
// authentication ticket corresponding to the refresh token.
notification.Deserializer = payload => {
return(Task.FromResult(notification.DataFormat?.Unprotect(payload)));
};
await Options.Provider.DeserializeRefreshToken(notification);
// Directly return the authentication ticket if one
// has been provided by DeserializeRefreshToken.
// Treat a non-null ticket like an implicit HandleResponse call.
if (notification.HandledResponse || notification.AuthenticationTicket != null)
{
if (notification.AuthenticationTicket == null)
{
return(null);
}
// Ensure the received ticket is a refresh token.
if (!notification.AuthenticationTicket.IsRefreshToken())
{
Logger.LogVerbose("The received token was not a refresh token: {0}.", token);
return(null);
}
return(notification.AuthenticationTicket);
}
else if (notification.Skipped)
{
return(null);
}
var ticket = await notification.DeserializeTicketAsync(token);
if (ticket == null)
{
return(null);
}
// Ensure the received ticket is a refresh token.
if (!ticket.IsRefreshToken())
{
Logger.LogVerbose("The received token was not a refresh token: {0}.", token);
return(null);
}
return(ticket);
}
catch (Exception exception) {
Logger.LogWarning("An exception occured when deserializing a refresh token.", exception);
return(null);
}
}
/// <summary> /// Called when receiving a refresh token. An application may use this context /// to deserialize the code using a custom format and to skip the default logic using /// <see cref="BaseControlContext.HandleResponse"/>. /// </summary> /// <param name="context">The context of the event carries information in and results out.</param> /// <returns>Task to enable asynchronous execution</returns> public virtual Task DeserializeRefreshToken(DeserializeRefreshTokenContext context) => OnDeserializeRefreshToken(context);
/// <summary>
/// Called when receiving a refresh token. An application may use this context
/// to deserialize the code using a custom format and to skip the default logic using
/// <see cref="BaseContext{OpenIdConnectServerOptions}.HandleResponse"/>.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>Task to enable asynchronous execution</returns>
public virtual Task DeserializeRefreshToken(DeserializeRefreshTokenContext context) => OnDeserializeRefreshToken(context);
